The State of Cyber Security in the Bangladeshi Banking System

With the rapid advancement of technology, banking has become more accessible and convenient than ever before. However, this convenience has led to a surge in the frequency and sophistication of cyber attacks. The global trend of cybercrime is continuously growing, with an estimated annual profit of at least $1.5 trillion. As paperless transactions become more prevalent, the banking sector in Bangladesh is increasingly vulnerable to data breaches and cyber incidents.

Understanding the Threat Landscape

The potential threats to the banking system in Bangladesh are vast and varied. Unlike the past where the main threat was physical theft or computer fraud, today, the risks include server breaches, theft of personally identifiable information (PII), and data breaches. These incidents are not only financially damaging but also deeply concerning for both banks and individual customers. The loss of sensitive information can lead to identity theft, financial loss, and significant reputational damage for banks.

Common Cyber Incidents and Their Impact

Recent years have seen a rise in high-profile cyber incidents involving major financial institutions. For example, Bangladesh Bank was hit by an $81 million heist through the SWIFT system. Similarly, the Mexican Central Bank identified a fraudulent transaction of $15.33 billion in 2018. These incidents highlight the urgent need for improved cybersecurity measures in the Bangladeshi banking sector. The NIC Asia Bank faced a data breach in 2017, and the Canadian Imperial Bank of Commerce also suffered from phishing and hacking in 2018.

Research Insights from Bangladesh Institute of Bank Management

A study by Professor Mahbubur Rahman Alam of the Bangladesh Institute of Bank Management (BIBM) sheds light on the current state of cybersecurity in Bangladeshi banks. The research indicates that nearly a third of banks (28%) have taken no effective steps to address large-scale cyber-attacks, while 38% are fully prepared for such incidents. Additionally, 34% of banks are partially prepared. Moreover, 27 out of the 100 system vendors providing software to the banking sector have been found to have breached safety arrangements. Bank management often sees investments in IT infrastructure and qualified personnel as a waste of resources, resulting in low scores among bank employees.

Risk Factors and Mitigation Strategies

Three key risks currently pose challenges to online banking: risks from mobile apps, breaches at third-party organizations, and increased risks of cryptocurrency hacks. To address these threats, banks should implement a robust and fully protocolled cybersecurity strategy. Here are some essential measures to consider:

Security Audit: Conduct regular security audits to identify and address weaknesses in the current software setup. Firewalls: Implement firewalls to block malicious activity before it reaches other parts of the network. Anti-virus and Anti-malware Applications: Use up-to-date versions to protect against potential system attacks. Multi-factor Authentication (MFA): Require an additional layer of protection for network access. Biometrics: Utilize advanced biometric technologies, such as retina scans, fingerprints, or facial recognition, to secure user identities. Auto-logout: Automatically log users out after a period of inactivity to minimize the risk of unauthorized access. Education: Educate users and staff on cybersecurity best practices to prevent common vulnerabilities.

Addressing the Challenges in Bangladesh

In Bangladesh, the government can play a critical role in enhancing cybersecurity by organizing professional certification courses. Suggested certifications include a Masters in E-banking and the Certified E-banker program. These courses will equip professionals with the necessary knowledge and skills to deal with cyber threats effectively.

Conclusion

The cybersecurity landscape in the Bangladeshi banking system is complex and evolving. Banks must be vigilant and proactive in addressing the increasing number of cyber threats. By implementing effective cybersecurity measures and staying informed about the latest trends, the banking sector can protect itself and its customers from potential security breaches.