Dhaka: Bangladesh Bank (BB) has issued a cyber-attack warning in banks and other financial institutions asking them to take precautionary measures.
According to Bangladesh Sangbad Sangstha, the central bank today issued a notification saying future cyber-attacks could disrupt critical information infrastructure (CII), banking and financial services, healthcare, as well as public and private sector operations. Citing various sources, the central bank noted that banks and financial institutions might become targets of cyber-attacks. Institutions have been asked to strengthen their systems in advance, particularly against small and mid-level threats.
BB instructed all banks and financial institutions to update patches on their servers, databases, and systems. Additional instructions include shutting down unnecessary portals, enforcing least privileged access, implementing the 3-2-1 strategy for data backup and restoration, and enabling multi-factor authentication (MFA) for critical systems.
The central bank also instructed institutions to act promptly if any irregularities are found in their IT systems. This involves deploying Security Information and Event Management (SIEM) systems and Network Intrusion Detection Systems (NIDS), among other protective measures.
To detect and prevent threats, Bangladesh Bank advised the use of Endpoint Detection and Response (EDR) antivirus software, along with regular updates of threat signatures. IT teams have been directed to remain vigilant at all times, ensuring they are prepared to respond promptly in the event of a cyber-attack.
The central bank also stressed the need to report any suspicious logins, unauthorized file or data modifications to relevant authorities without delay. Banks have been asked to closely monitor external connections and to restrict and review remote access, VPNs, and privileged accounts.
Besides, all banks and financial institutions have been instructed to establish 24/7 monitoring of their Security Operation Centres (SOCs) with adequate manpower. Emphasising the need for operational resilience, Bangladesh Bank urged institutions to maintain a robust fallback system, including regularly updated Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP).