‘Hafnium’ Attacks

Experts for strengthening cyber security

Staff Correspondent

4 April, 2021 12:00 AM printer

Though no money has been lost by the attack launched by foreign hacker group ‘Hafnium’, stealing of email information has created a fear of heightened vulnerability of the country’s cyberspace, experts have said.

They have suggested maintaining strict monitoring of the cybersecurity in banks and financial institutions to thwart any future hacking attempts.  

BB executive director and spokesperson Md. Serajul Islam said, “We have already alerted banks and financial institutions to further strengthen their cyber security as hacker groups usually target the financial sector.”

BGD e-GOV CIRT, the e-Government Computer Incident Response Team, and Bangladesh Computer Council (BCC) identified cyber-attacks on 200 institutions including Bangladesh Bank through analyzing a foreign cyber threat report on Thursday night.

Organizations operating in the country using Windows operating systems, especially Microsoft Exchange Server were attacked by hackers.

However, the extent of the data and information breach still remained unknown.

According to the Bangladesh Computer Council (BCC), the threat actor behind the malware is known as “Hafnium”. It is also observed that there are activities of several hacker groups that exploit vulnerabilities in the Microsoft Exchange Server.

“Hackers may collect and steal confidential information contained in emails. With that, they can blackmail people in the future and cannot do much outside of that,” Information technology expert Tariq M Barkatullah said.

“We have also given strategies on how to remove or clean the virus,” Barkatullah said.

Millions of servers in different countries of the world including Brazil, Europe, and America have been attacked by this virus.

Earlier on February 16, the CIRT advised being alert for fear of cyber attacks on several financial and government institutions in the country, including Bangladesh Bank.

The institute then sent a warning message to banks regarding the attack by an international hacking group known as 'Kasablanka'.

The CIRT officials said the incidents of cyber attack have increased globally during the pandemic period. They also suggested increasing monitor on cybersecurity issue to keep the cyberspace secure.