An Asian country could be on the move against a scenario of disastrous cybersecurity. Reports indicate that Bangladesh Bank has ask banking institutions to limit the number of transactions at their ATMs, payment cards and online banking as a security measure in the face of the risk of hacking incidents. The bank has also alerted other financial institutions about other potential cyberattack risk.
These measures are being implemented in response to multiple reports received by Bangladeshi authorities, which ensure that a group of hackers sponsored by the North Korean government is planning a massive attack on the country’s banking and financial industry. As part of these measures, users will not be able to trade at ATMs between 00:00 AM and 06:00 AM, a representative of Bangladesh Bank mentions. Online banking operations are also limited.
Bangladesh Computer Incident Response Center (CIRT) notified the country’s government of the risk of hacking on August 27, so Bangladesh Bank (the country’s central bank) asked banking institutions to implement the necessary measures to prevent possible North Korean cyberattacks. In statements to a local media outlet, Ekram Kabir, Vice President of Brac Bank, said: “We have strengthened some security measures at our ATMs and other means of payment, suspending operations for a few hours of the night; our customers will be notified via text messages.”
Other banks such as Dutch Bangla Bnak, Islami Bank Bangladesh, City Bank and Trust Bank have taken similar measures, so their customers will only be able to use these services during the day: “We strengthen our security measures to avoid the risk that has been notified to us,” says Syed Mahbubur Rahman, director of Mutual Trust Bank.
Regarding threat actors, experts mention that this is North Korean hacking group Beagle Boys, which might be planning a massive jackpotting operation. This group has been associated with multiple hacking incidents, including within Bangladesh. In June 2019, Dutch Bangla Bnak Limited (DBBL) reported an attack in which they lost up to $1.5 million USD due to a cyberattack.
The group’s best-known attack also affected Bangladesh Bank. In 2016, hackers stole more than $100 million USD from Bangladesh Bank’s account at the Federal Reserve Bank of New York thanks to fraud in the SWIFT payment system, making it one of the largest hacking incidents ever recorded.