Join Fb group: Career Point for Competitive Exams follow page: Md. Shafiqul Islam -Shuvo i$ UTS HiZara fTATeGT/Cybersecurity in Banking Sector/ Cyber security threats to Smart Bangladesh > CU ASATGIET ITCH NTs CHT MARIS Fie Fr CATS BOT Few eee BITS HATA AIST FeefG eC FTI The scope of digital financial transactions in the country is increasing day by day, but the aspect of cyber security in the banking sector is still weak. CHET CHD aHIgCaoa WICH HR orem HIRATA AIST Gia ACN ACHR! AHA TS ONT S CUBE CBAUCTATA PRAGA HESS CAA AIA PALS MICA | SA PCT TTB GLAM SATA PAIMATT AAS THVT AUG CAT! Half of the total banks in the country are now at risk of cyber security. These banks have not yet fully installed the next generation firewall software. As a result, the cyber security threats of banks have multiplied. ee = , Caras GOH, Aerehiie Hosa, ibeMs aa URI SEIS OPA (MB AH Sala OHTA TY 1.415 WT ABS AHH T electronic ey yas ise “falGo! Cyber is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It's also known as information technology security or electronic y The term applies into a variety of contexts, from business to mobile computing, and can be divided into a few common categories. OUTST BHT : AG HB OMIA Aas Gere Fics Vals Cec Aw AC Application security It keeps software and devices free of threats ¥ CB o urs FARCE : afb 2a acereratora IR CALs SACHA DONS Yao Fa NTT! Network security: itis the practice of securing a computer network from intruders ¥ DATA: AG SONAR Ae HATGLE GORe GOA AIST AAs CMT THT STA! Information security: It protects the integrity and privacy of data, both in storage and in transit. YUNA ASR: CGT HOM RETTAT ee TPT GAT OafsPaT ae FFAG . Operational security : the eee and decisions for ae and. poe data assets. ¥ Some common methods used to threaten cyber-security are: Malware like Virus, Trojans, Spyware, Ransomware, Adware, etc. H2da-335PA Saea Oe DIRS PAH AAT HS VA WS COTA GRAM, CEG, “ROT, MANGIA, CHGS Tosh ¥ Besides this/ 48 QIGIS SQL injection, Phishing, Vishing, Smishing, DNS Phishing, Farming, Man-in- the-middle attack, Denial-of-service attack, etc are mentionable cyber attack/SOmM GTA NRTA aR ¥ Dridex malware (December 2019), Romance scams (February 2020), Emotet malware (late 2019), etc are some latest cyber threats of the world {GOs WIEOWIa (GOTTA 2019), CAST BATA (PAA 2020), ITAESG FSWT (2019) Fone fAvea Sele MOT HATA SALT Ampact of Cybersecurity ¥ Cybersecurity threats can cause certain dangers to individuals, businesses, and governments, Some of the potential dangers include: Data breaches: Hackers can access information such as financial data, personal information, and confidential business information. Ransomware attacks: Hackers ean encrypt a victim's files and demand a ransom payment in exchange for the decryption key. Page 1 of 4Join Fb group: Career Point for Competitive Exams follow page: Md. Shafiqul Islam -Shuvo Hackers can overload a website or network with traffic, making it unavailable to ‘very common in telecom, and in my last job, we experienced it Phishing scams: Hackers can trick individuals into providing sensitive information through fraudulent emails or websites. ‘Malware: Hackers can install malicious software on a victim's device, allowing them to control it or steal information Industrial control system attacks: Attackers can target control systems for critical infrastructure such as power plants, water treatment facilities, and transportation systems. Overall, eyber security threats can lead to financial loss, reputational damage and even physical harm in some cases. ‘Trends and developments that may shape the fi % The field of eybersecurily is evolving as new technologies and threats emerge. Some trends and developments that may shape the future include: Increased adoption of coud computing and Internet of Things devices: As more businesses and individuals adopt cloud services and comnect more devices to intemet, the number of potential attack vectors will increase. Y Greater use of artificial intelligence and machine learning: These technologies can detect and respond to eyber threats in real time, but they also raise new concerns about the potential for malicious actors to use Al to launch more sophisticated attacks ¥ Growing focus on supply chain security: As more companies rely on third-party vendors and partners, the potential for supply chain attacks will increase. ¥ Quantum computing: As quantum computing matures, it will become a more viable tool for cyber attackers to break ‘eneryption and other security measures ¥ 3Gand 6G: As the world moves to 5G and 6G networks, the number of loT devices will increase, bringing new dole to security at the — device sary and network security. ¥ Cybersecurity Ventures, a global researcher and publisher covering the global cyber economy and a source for cybersecurity facts, expects global cybercrime costs to grow by 15 per cent per year over the next few years, reaching $105 trillion annually by 2025, up from $3 trillion in 2015. This represents the most significant transfer of economic wealth in history and risks the incentives for innovation and investment. VY R030 TIC ATATAAT CTV AOTC STRATA ITN BIE PATS SGT AS GHA HATH PATS TET all Rody AGT ARTA IAA MAT ATA CERT WTA CAIG 90 CAE 30 AH Wea UTS Bika BOAT SUG, AICS aisle Cw YAVAITS SAC MS HSCOTA TG Hiatal VHA Tot VA AAA (MCPS HAT ania faaate crea anefa: TOR GAT AIG Graco FIST (https://www.bbc.com) Y AAITA SW FUG, AMAA TTS 99 ATSHTATS Cah MIGCHTAS MITTS WIA STATS | CHOTA Cala TT UGTA IRA BOHR SIS FRAT TAT HATA SOT ATTRA SMT SPTS ASTM FACTS IMSTS BY ATTY PATRT SEA! (HIG 2, 2029 bonikbarta) ¥ SPRAIN CMSA SIA) WIGCETAA HIRATA SI CHG FA aATIOM-RoRO! Als aT ACTIN ASAT SAAS, Lodo Ro HET HOT AVA MATA ACT SIPS APS CASTS, AMG S WT UHR SHY CST SHIPS Viiwe FT SW HAL CTI AlGry SHG BilSsecra WOOT SG AQT NA MTSE PAT ACAI «A AGT SCAT MARSCS STAT CHUB Fr ASAT TEN OETA 1 FesC FIC Sera rer RCH) 1 VACA AIC BIT CIOS MAAGT AT v9 Wea AT be TST, BT TOT Fear 4 PP 88 “OTE HIRATA SMAI TAHOE CATT CA CAT CTR, AA TES PASI YETTA TAH Sb 00 TEA AE PSTN IA bl WTS Bo FaITI(www.prothomalo.com 2¢ WA 2023) < < Page 2 of 4Join Fb group: Career Point for Competitive Exams follow page: Md. Shafiqul Islam -Shuvo area Les anaes, 208 swe, 208 womuatea617 208 Wwnwjugantor.com/ 0 ATS¥d 2020) Wea TT SRT Gra TT Tes FAC eT ae CO GS MET AL at AI PATRI Only 4 out of 61 banks in the country have set up Cyber Security Operations Centers (SOCs) despite Bangladesh Bank's directives to prevent major cyber attacks. “Different training and awareness program are arranged on a regular basis through IT departments and Human resources department. v Soa ee Const Cees Biacs Sarre aie site Ren oa oq Fal AR) ASIA WHT YY wT oF oA ARS FOIA PNG SCA AIT FAAEAG ore ANG! Bangladesh Computer Incident Response Team (GD e-GOV CIRT) has been formed as per the provisions of Digital Security Act 2018 to ensure cyber security of the country. BGD e-GOV CIRT is working tirelessly to ensure information security on important government information infrastructures. YOR COUR SETS SMT OAT AAA SET MaRS Ce TET TAT COTS OTS MATA ‘EESTIA) TAIL ROATG, Sensors (special software to prevent cyber attacks) have been officially installed at 15 important internet connection sites in the country. 4 TBO EAT GCA EGON PAST MAPSCO INAS AST PaCS SURG MA SPECS BIA PALY! ROAD OAS DHT AG IMM PLATA Banks are installing anti-malware software to strengthen the firewall to ensure the security of digital transaction software. Many banks have already set it up. V HRA FAH IS 6 CHAT SASH AGT @ STATA WT HSA Wa BAS WAPGS WAL RGIS, TAS afoorrs SLES 8 CHATS VAT STAG HPI THT (SHAT CSM afreps firme crate aitba wes ” Cyber Drill ‘has been held to create awareness among banks and financial institutions and customers about cyber. in this drill, officials of banks, financial institutions and those interested in information technology have been trained by Central SART officials as a strategy to prevent cyber attacks. v Soacba PAS TOA DUTT AS) STN CL PAT RTS ITT CTS SRTHST Fala Ag SIT HCHS ATSIC! Sensors have been installed in the two main gateway submarine cables of the Internet. These will help prevent any cyber attack and send early signals. Page 3 of 4Join Fb group: Career Point for Competitive Exams follow page: Md. Shafiqul Islam -Shuvo v Tita SAFARI RiPbw sate ae TAT CRFGSIIA GAT HET) ITAA Bourn AURA AEA! MAYA SANSA a GRE BA aT SRA PaToTT APES ‘FATTITo ensure cyber security, the government has taken initiative to form a world class cyber security agency (run by software). Its office will be at Kaliakair in Gazipur. This will ensure cyber security at all times. VFR TSA STAT APSTATLY ST SLMS FOIA MSA Wika PACTTCATHA PATH ISS SAG STs TA CTS TST SHA PY CATS HUSA SINT CN STITT AISI AIGA Bangladesh has become a member of the International Cyber Expert Association consisting of internationally renowned cyber experts to prevent possible cyber attacks. They will provide early warning before a ber attack. 1 oerrcocco Dii8aTa FRATAIGIS CRA CAPT CAPT AIGA FANG SATS ZCI Banking sectors need to invest more and more in the IT sector, especially behind cyber security. Oe EDR SFTAIK FATS ZTAl Information technology needs to be constantly updated. offaioget orate Farrer Sf YONA; Full cyber security risk assessment; Sefer VATA HRA Aes STOTT ISTO VAP HTT; Conduct technical vulnerability. assessments and formulate emergency management activities; wn 5. CU CRA HIRATA eT AAA SIP CUTCAET Sala GT Af SgaT ATTA; Formulate plans to deal with any cyber or technical attacks; 6, Hebel Sof oer-Salprata Gey HiSara PATS PANTS TCH OATTT 8 af aHT PRL SIT; Conduct cyber security awareness and training activities forall officers and employees; WR LYST MAT GATT FART NT ACHSATT PaSTH GOWMA A; Take initiatives to increase public awareness about transactions through information technology: CT TEL ETS SCM Gr 28x94 SAS GS IAAI CFE (Information Security Operation Centre) ZIFF_Establishment of 24x7 Information Security Center for round-the-clock monitoring of the entire system; ACS CAST WH AT > 2008 FF (AS YSARHS BSAA FAS OT SIC SAATSH HRA HLS OAST TM ACA OTA BTA UCR SICA HIRATA FAAS ACH OAST MIMATSAS VTA PAG (GAH PSS 202% AMC arate arg CHOOT TOT Ry aT awe eat Par AACR AIM CITE SISA COTA, HOS aS aT | ROR HICH GST Raa AIT SH (AAPM) HCH WA HAWS ¢2 AAG CAI wel’ CATA CLS ATCA Oe AAA ACA TUATHA AT SOMSS CGC T LEAT TSIPTS aR ara are) CP AIT CRA COUT As OY 8 INTIS UPD) Ga 38453] (WATAA : Channel 24,¥ WCBS 2022) ° cs Seo ee ei EE, I SR CRAP OTIC LZ a ONO AS DIAS CHP TPAP OMA VI Hoa TPO HLA OTSPIT BALR) OLS TAC A PARMA OF CASS STAT SIA CAP HS TTRTCA ACT CAPT TT TGS HRT CTBG FREI ale MTN Sen SafSTS wafseacra Pca FCAT! 4 On the one hand, such financial systems are being automated, modernized and digitalized, on the other hand, organized criminal groups are constantly cyber-attacking the financial system on purpose with greater efficiency. However, the banks have been in a much more cautious position since the direction of Bangladesh Bank. Most of the banks have separate IT departments as well as IT professionals. Ref: GAS WS AAT GA, PIA BS , WUT, , thefinancialexpress , Internet. Page 4 of 4Importance, Threats & Challenges of Cybers Banking Sector in Bangladesh Facebook Page: Bank's Job Special “| What is Cybersecurity in Banking? The arrangement of technologies, protocols, and methods referred to as "cybersecurity" is meant to guard against attacks, damage, malware, viruses, hacking, data theft, and unauthorized access to networks, devices, programs, and dita. Protecting the user's assets is the primary goal of cybersecurity in banking. Ax more people become cashless, additional acts or transactions go online. People conduct transactions using digital payment methods like debit and credit cards, which must be protected by cybersecurity. @Reasons Why Cybersecurity is Important in Banking? The banking industry has prioritized cybersecurity highly, Building credibility and trust is the cornerstone of banking, soit becomes much more essential. Here are five factors that demonstrate the significance of cybersecurity in the banking industry and why you should care: 1, Everyone looks to be entirely cashless and using digital payment methods like debit and credit cards. In this case, ensuring that the required cybersecurity safeguards are in place to protect your privacy and data is critical. Join with Our Fb Page: Bank's Job SpecialBank's Job Speci Bank Focus Writin; 2. After dat breaches, it could be difficult to trust financial institutions. That's a significant ue for banks, Data breaches caused by a shoddy cybersecurity solution may easily lead to their consumer base moving their bu 3. The majority of the time, when a bank's data is compromised, you lose time and money. Recovery from the same can be unpleasant and time-consuming. It would entail eancelin, cards, reviewing statements, and keeping a watchful lookout for issues, Inappropriate use of your private information might be very harmful. Your data is sensitive and could expose a lot of information that could be exploited against you, even if the cards are revoked and fraud is swiftly dealt with, 5. Bunks need to be more cautious than most other firms, That is the price for banks to retain the kind of valuable personal data they do. If the bank's information is not safeguarded against risks from cybercrime, it could be compromised, ess elsewhere. Cybersecurity Threats Faced by Banks; Cybercrimes have increased frequently over the past several years to the point where it is thought that they are one of the most significant hazards to the financiall sector. Hackers have improved their technology and expertise, making it difficult for any banking sector to thwart the attack consistently, The following are some dangers to banks’ cybersecurity 1, Phishing Attacks One of the most frequent problems with cybersecurity in the banking sector is phishing assaults. They can be used to enter a financial institution's network and conduct amore severe attack like APT, which can have a disastrous effect on those organizations (Advanced Persistent Threat), In an APT, user who is not permitted can access the system and use it while going unnoticed for a long time. Significant financial, data and reputational Losses may result from this. According to the survey, phishing 1 institutions peaked in the first quarter of 2021. 2. Trojans Join with Our Fb Page: Bank's Job SpecialBank Focus W: 9S The term “Trojan” is used to designate several dangerous tactics hackers use to cheat their way into secure data. Until it is installed on a computer, a Banker Trojan looks like trustworthy: software. However, it is a malicious computer application created to access private data processed or kept by online banking systems. This kind of computer program has a backdoor that enables access to a computer from the outside. 3. Ransomware A.cyber threat known as ransomware encrypts important data and prevents owners from accessing it until they pay a high cost or ransom. Since 90% of banking institutions have faced ransomware in the past year, it poses a severe threat to them. In addition to posing a threat to financial cybersecurity, ransomware also affects cryptocurrency. Due to their decentralized structure, cryptocurrencies allow fraudsters to break into trading systems and steal money. 4. Spoofing Hackers use a clone site in this ty pe of cyberattack. By posing financial website, they; + Design a layout that resembles the original one in both appearance and functionality. = Establish a domain with a modest modification in spelling or domain extension. (¥]Challenges in Implementing Cybersecurity in Banking; Some contributing elements have presented a signi banking. The following are some of these: icant challenge to digital cybersecurity in 1. Lack of Knowledge The general public's understanding of cybersecurity has been relatively low, and few businesses have significantly invested in raising that awareness. 2, Budgets That are Too Small and Poor Management Due to the low priority given to cybersecurity, it frequently receives short budgetary shrift. Cybersecurity continues to receive little attention from top management, and programs that assist it are accorded low priority. They might have underestimated how serious these risks are, which is why. 3, Identities and Access are Poorly Managed. The core component of cybersecurity has always been identity and access management, especially now when hackers are in control and might access a business network with just one Join with Our Fb Page: Bank's Job Specialcompromised login, Although there has been a little progress to be done. in this area, much work still needs 4. Increase in Ransomware Recent computer attacks have brought our attention to the growing threat of ransomware. Cybercriminuls are beginning to employ various techniques to avoid being identified by endpoint protection code that concentrates on executable files, 5. Smartphones and Apps The majority of banking organizations now conduct business primarily through mobile devices. Every day the base grows, making it the best option for exploiters. Due to increased mobile phone transactions, mobile phones have become 4 desirable target for hackers, 6. Social Media Hackers have increased their exploitation as a result of social media adoption, Customers that are less knowledgeable expose their data to the public, which the attackers abuse, @The Scenario of Cybersecurity in Banking Sector of Bangladesh, YBERSECURITY STATUS OF BANKS C8) Sources of cyberattacks Cybersecurity risk (Minimum 248 to maxinurn 630 attacks a day) (of banka} es ae siders)" Typkey Roglenia Pakistan Source: BIBM ‘The country’s banking sector has undergone a massive digital transformation over the past five years thanks to heavy investment in information technology (IT), but spending for cybersecurity and IT teaini till very low, putting most banks at risk of cyberattacks, the study has found. Join with Our Fb Page:‘maximum of 630 cyberattacks every day and some 32% of the banks are at moderate eyber risks, while only 12% are at low risks, according to the study titled "Cybersecurity landscape of banking in Bangladesh and recommendations.” The findings of the study were revealed by BIBM, = the first day of a two-day cybersecurity summit being held at a city hotel. The Association of Bankers, Bangladesh (ABB) has organised the first ever cybersecurity summit in the country where local and international experts have been invited to dig deeper into the major challenges that the banking sector is facing. The BIBM study has found that most of the attacks, 24% to be precise, come from China, followed by Russia 12%, and North Korea 13%. Bangladeshi banks experience 72% of total online frauds through the SWIFT system in terms of value, while 20% of the frauds are executed through banking soltware, and the rest through other digital channels such as mobile banking, internet banking clearing, and ATM, according to the study, A lack of in-house IT expertise is identified as one of the major weak nesses that are putting banks under cyber threats. Bunks are suffering from a shortage of IT-skilled manpower as they spend less for IT training and security systems. Since the year 2020, the banking sector has thus far invested « total of Tk42,609 crore in IT, says the study report, adding that the amount of IT investment was Tk1,666 crore in 2020, of which 71% were spent for software and hardware, while only 3% was spent for training, and 5% for security. As a result, 50% of bank employees have a very poor knowledge of IT. The study has also found that vendors are mostly behind the cyber s employees are in the second position in this regard. curity breach and bank According to the study report, IT increases the efficiency and productivity which ultimately impact banks’ profitability. For instance, the total number of banking transactions — both online and manual — was 738 crore in 2021 when the number of employees was 1.94 lakh. Managing the same amount of transactions would require 9.86 lakh employees in 1980. This means productivity increased by nearly five times in 40 years, thanks to digitalisation. Of the total transactions in 2021, 70% were held through the digital channel. Digitalisation has also hel ped banks cut their operational cost significantly, says the report, adding that the average cost of per transaction through banks’ branches is TK90, while the cost is only Tk1.74 in internet banking, Tk52 through ATM, Tk1.5 in mobile banking, and Tk32 in agent banking. Join with Our Fb Page: Bank's Job Special