Various companies in Bangladesh are also being attacked by ransomware. Big commercial companies like Beximco, Akiz and Digicon Technologies have been attacked. By attacking these companies, hackers have taken away a lot of sensitive information. BTCL, Grameenphone Limited, Axiata Limited, Link3 Technologies, Systems Solutions and Development Technologies Limited, Bandhu Network Limited, Aamra Network Limited, Banglalink Digital Communications Limited and Teletalk Bangladesh Limited are at the top of the attack risk list.
 |
| Image: Google |
These data have been obtained from the research report ‘Ransomware Landscape Bangladesh 2022’ published on the cyber situation and ransomware situation in Bangladesh. The report was published by BGD e-GOV CIRT, the government’s cyber security agency.
BGD e-GOV CIRT, a cyber-security agency under the government’s ICT Division, has researched the cyber situation and ransomware situation in Bangladesh. They released a report titled ‘Ransomware Landscape Bangladesh 2022’. CIRT collected relevant information about ransomware attacks in Bangladesh from Dark Web Monitoring, OSINT (Open-Source Threat Intelligence). They have prepared this report by reviewing various data available since 2021.
Since 2021, 4 Ransomware attacks have been reported in Bangladesh, said CIRT. Among them, they mentioned three private companies. India has the highest number of ransomware attacks in the Asia Pacific region. Then there is Japan, Thailand, China and Taiwan.
According to Kaspersky Security Bulletin 2021 data, Bangladesh is the most attacked by ransomware Trojans than any other country.
Akiz Group, one of the top business group in Bangladesh, was attacked by ransomware called Night Sky. All the company’s server files, employee resumes, mail server data, GitLab code base, ERP system database, all website cPanel data including backups, and personal computer backup files were also leaked to the dark web.
Another top business organization of the country, Beximco Group, was attacked by ransomware called AltDOS. Hundreds of gigabytes of files, databases, their telecom subsidies, 56,000 payment records were leaked from their 34 websites.
Information technology firm Digicon Technologies has been attacked by Russian-based Conti Group, which goes by the alias Wizard Spider.
CIRT also highlights the types of malware associated with potential ransomware attack chains. Since 2021, 14,627 IP addresses from Bangladesh have been reported to be infected with malware. By which there was a risk of possible ransomware attacks.
Autonomous System Numbers (ASNs) are managed by one or more network operators.
According to CIRT’s report, about 612 ASN holders in Bangladesh are vulnerable to potential ransomware attacks. CIRT mentions the names of those who have more than 1000 records of infection. The top 10 potentially at-risk ASN holders are Bangladesh Telegraph and Telephone Board now known as BTCL, Grameenphone Limited, Axiata Limited, Link3 Technologies, Systems Solutions and Development Technologies Limited, Bandhu Network Limited, Aamra Network Limited, Banglalink Digital Communications Limited and Teletalk Bangladesh. Ltd.
CIRT says a ransomware attack doesn’t mean encrypting data on a computer. Ransomware like Ryuk and Maze attack entire network systems. Which attacks using Remote Desktop Protocol (RDP) on the same network. In addition, 205 IP addresses in the country were found to be vulnerable to ransomware attacks via RDP.
Server Message Block (SMB) allows users to access files on remote servers. Ransomware risks are also seen through these SMB services. According to CIRT, 182 IP addresses are using SMB1, most of which are located in Dhaka, the capital city of Bangladesh.
What is ransomware?
Ransomware is a type of malware that prevents access to a person’s computer or information stored on the computer. When infected with this malware, the computer itself can be locked or the data on it can be stolen, deleted or encrypted. Cybercriminals demand money to gain access to a computer or retrieve information stored on it. Ransomware targets various important sectors including large companies, important state institutions, financial sectors and so on.
.jpg "Perimeter81 - Web Filtering Solutions")
