How could cybercriminals access NBR server so easily?
It is worrying to learn, from an investigative report by this paper, that cybercriminal gangs have been breaking into the National Board of Revenue (NBR) server, using the ID and password credentials of officers to log in and complete customs procedures for the illegal release of shipments. Investigators have uncovered evidence of foreign cigarettes and liquor smuggled in through this process. What's most alarming is that the criminals managed to bypass two additional authentication layers, including the mandatory One-Time Password (OTP) sent to the credential holder's mobile phone, raising questions about all the security protocols in place.
Customs and NBR officials have warned that such breaches pose a threat to national security. According to our report, this system vulnerability has allowed criminals to compromise the NBR server to release at least 48 imported consignments and launder money through fictitious imports totalling at least 3,000 consignments from January 2019 to September 2024. Often, the exact contents of these consignments remain unknown, which means dangerous items can enter the country undetected.
One particular breach occurred in May when cybercriminals accessed the NBR server using the credentials of a deputy commissioner from the Chattogram Custom House while he was in India for medical treatment. Investigators have identified a prime suspect in this case, who has reportedly been arrested several times for alleged public data theft from other government servers, including the NID server and land ministry web portal. Yet, he was released on bail every time, allowing him to continue targeting vulnerable government databases.
Clearly, there are significant flaws in the system. Earlier investigations found that cybercriminals secured access to the IDs and passwords of at least 27 customs officials, including retired, transferred, or even deceased personnel. This raises questions about why such credentials were not updated or deactivated. Moreover, security protocols on the NBR server reportedly get relaxed at certain hours, creating a window for cybercriminals to strike. To address these issues, it is essential to determine how unauthorised devices can access the server and why it would stop sending OTP alerts at certain hours.
These breaches suggest the possibility of insiders aiding these criminal gangs. In the current reality in which the government is trying to reform state institutions, it must prioritise cyber security, particularly in major entities like the NBR, NID, land ministry, etc. An in-depth investigation to identify and address all system vulnerabilities and hold accountable those involved in these cyber frauds and identity thefts is critical. Public institutions must be fortified against these increasingly sophisticated cyber threats.