Invest more to fight off cyber-attacks

Development of human resources and more investment are needed to thwart cyber-attacks that have skyrocketed in Bangladesh in recent years, experts said yesterday.

For that, a concerted effort and investment from the government, business and banks are needed to protect internet-connected networks, devices and data from unauthorised access and criminal use as cybersecurity threats increase in Bangladesh, they suggested.

"Our internet bandwidth is contaminated and it's not possible for the bandwidth supplies alone to set such firewalls that monitor and control vast network traffic," said Tarique M Barkatullah, director of operations at the Digital Security Agency.

"The users -- businesses, banks and the government -- should come forward to thwart the threats," he said.

He was speaking at a workshop on cyber security organised by the Bangladesh Telecommunication Regulatory Commission (BTRC) and Cyber Crime Awareness Foundation at the former's office in Dhaka.

"Ensuring cyber security is not an isolated task. We need to develop our own human resources. We shouldn't rely on other countries for our cyber security," added Barkatullah.

He said many big organisations use pirated software, which ultimately increases cybersecurity threats. Much of such software are unnecessary but are still used because of a lack of awareness.

"Emphasis has been given to develop native technology and technology-related research to build a capable and smart Bangladesh in the future. Besides, the scope of the Cyber Incident Response Team is being extended to every sector," he added.

Brig Gen Md Nasim Parvez, director general of the Systems and Services Division, presented a keynote at the workshop.

He said it was important to use multi-factor authentication, strong passwords, a password manager and updated software while recognising and reporting phishing were equally important when it comes to seeking protection from cyber threats.

Mustafa Jabbar, posts and telecommunications minister, said the issue of cyber security was very new in the context of Bangladesh and there was a lack of awareness among people.

Although the government named 29 critical infrastructures to be important for the state, there is no bar on media workers availing information from these institutions, he added.

Jabbar advised parents to follow parental guidelines to keep children and teenagers safe online.

Shyam Sunder Sikder, chairman of the BTRC, said a large number of mobile and internet users in Bangladesh fell victim to cybercrime because they were not very skilled in technology.

He said awareness should be raised about telecommunication services and cyber security at the grassroot levels.

"If every educational institution conducts weekly awareness campaigns on cyber issues, it will be fruitful and the Ministry of Education should come forward for this," he said.

According to a report of the Bangladesh government's e-Government Computer Incident Response Team (BGD e-GOV CIRT), cyber-attacks, especially ransomware attacks, have increased tremendously in Bangladesh.

There were some key findings and observations for Bangladesh in the report.

Two were on the fact that no organisation notified and shared information regarding their breaches/ incidents to stakeholders or customer and there are no regulations addressing the negligence of reporting and notification of cyber incidents and data breaches. In addition, there is inadequate cyber threat monitoring and detection operations within organisations.

It also found that there was a lack of systematic and structured threat and incident handling capabilities within organisations and a lack of effort of senior management concerned regarding strategic decisions of cyber security capabilities development.