Bangladesh’s Government is taking multiple steps to digitalize the country, and this effort is commendable. At the same time, cyber attacks in Bangladesh are also increasing. The cyber security workforce shortage is a global issue, but Bangladesh also faces unique hurdles. Additionally, we have noticed that businesses in Bangladesh are not taking proper steps to protect themselves from the cyber attacks that are happening so often. Let’s discuss this in detail.
Cybersecurity Landscape in Bangladesh
- Lack of Awareness: Almost 80% of businesses do not take cyber security as seriously as those in other countries. Companies are not aware of the impact of a successful cyber attack.
- Lack of proper security assessment: Most businesses that care about cyber security only run automated scans and have no ability to tell false results from true ones. Unknowingly, they leave vulnerabilities to be exploited by hackers.
- No external security assessment: We have found that financial companies perform external testing for a minimal time frame, and even then their findings may not be verified. Many other companies have never done it at all.
- Investing in the wrong tools and services: Businesses, mainly small businesses, tend to invest in the wrong tools and services, such as relying only on antivirus, EDR, or a firewall. They even believe a defensive SOC is all they need to protect themselves from cyber attacks.
- Giving priority to the wrong professionals: Businesses are not hiring properly trained professionals who specialize in specific fields. For example, a programmer or a malware analyst should not perform an in-depth vulnerability assessment without training or practical skills in offensive security.
- Lots of other misconceptions: Misconceptions such as "we are not a target", "we are not hackable", "it is expensive", fear of exposure, misunderstanding of scope, concern about business disruption, etc.
- Lack of Technical Expertise: A lack of technical expertise makes it harder for businesses to protect themselves from cyber attacks. Many companies may have an internal security team that doesn’t have enough expertise to search for potential loopholes regularly.
- Budget Constraint: Most businesses neglect to allocate a budget to strengthen their cyber security defense. They may hire less skilled experts for basic security just to save some money.
You may say, "Ah, lots of issues, what now? What are the solutions?" Yes, this is true. But before discussing solutions, let’s look at the abilities of cyber criminals (hackers).
Decoding the Hacker’s Arsenal
After a recent cyber attack in Bangladesh, in an interview, a person was asked what hackers’ abilities are and how we can increase our abilities to protect ourselves from them. Unfortunately, at that time, I forgot that in Bangladesh many people think cybersecurity defense means establishing infrastructure with costly equipment and purchasing expensive software and tools to monitor cyber attacks. So I answered directly that hackers mainly exploit vulnerabilities and use social engineering techniques to attack their victims. This means they are highly proficient in computer technology and very good at manipulating humans. So, to exploit a system, they find a technical fault or take advantage of human error. To counteract them, we need to adopt a similar mindset. Understandably, my answer could have been clearer for a non-technical person, as she looked baffled. Let me point out their abilities again:
- Technical Proficiency: They have deep knowledge of how systems work and where to find vulnerabilities. They also have good knowledge of programming and networking.
- Social Engineering: This art of human manipulation requires them to learn to play on human psychology. They know how to influence someone, frighten them, and create a sense of emergency.
- Vulnerability Exploitation: Because they are highly skilled technically, they know where to find vulnerabilities. They use various programming, networking, and logical skills to find vulnerabilities and exploit them.
- Use of Malware: Malware is also part of social engineering. They can use their programming skills to develop highly sophisticated malware that bypasses most defense systems. They can install malware for initial access or, after initial access, to jump to a different system in a corporate network.
- Zero-day exploits: Highly advanced hackers may develop or purchase 0-day exploits for initial access.
- Continuous Learning: They are passionate about keeping their knowledge updated. Whenever a new defense is developed, they try to find new methods.
- Persistence and Patience: Hackers may spend months, even years, gathering technical or non-technical information and vulnerabilities.
I am sorry if I have listed so many things. But this is the truth. They always win because of their skills, not because they have expensive tools or equipment that cost 100+ crore taka. The only way to protect businesses or government sectors in Bangladesh from cyber attacks is to stay one step ahead of hackers. Seems impossible? Yes, it is only possible if the cyber security culture is changed country-wide or company-wide. On behalf of RedNode, I have a general approach. If implemented correctly, cyber attacks in Bangladesh may be reduced to 70%.
Approach to Preventing Cyber Attacks in Bangladesh
There is no one-stop solution to prevent cyber attacks in Bangladesh. But some steps can be taken to reduce the possibility.
External Vulnerability Assessment & Penetration Testing
To protect your business from hackers, you need to think like the hackers to identify the same vulnerabilities they exploit. VAPT, conducted by external teams, is an effective method. But when selecting an external team, ensure they have certifications like OSCE3 or, at a minimum, OSCP. They should also have proven experience in offensive security assessments and be adept at manual penetration testing. Once the assessment concludes, prioritize addressing the identified vulnerabilities.
The issue is that there are only a few OSCP-certified professionals in Bangladesh, and there may be no OSCE3 holders. This is the reason we have built our team to solve the issue. We are also partnered with UK and Korean companies, so we never feel a skills shortage at RedNode.
We highly recommend that organizations provide cyber security awareness training to all their employees, including higher authorities and general officers, to protect themselves from cyber threats. The training will help them understand common cyber attacks such as phishing attacks, malware attacks, and common social engineering attacks. In addition, cyber security training should be provided to the internal team responsible for security to enhance their skills and knowledge. The training will help them monitor and detect threats more efficiently.
New Approach: Red Team Assessment
If we truly want to safeguard the IT space of Bangladesh, we need to think like a real adversary. This is where the Red Team Assessment is genuinely compelling. Red Team Assessments simulate real-world attacks against your organization’s infrastructure.
Benefits of Red Team Assessment
- Real-world Simulation: The Red Team simulates a real adversary’s tactics, techniques, and procedures (TTPs).
- Comprehensive Assessment: Beyond vulnerability assessment, the Red Team tests digital, physical, and human weaknesses.
- Defense Assessment: A Red Team Assessment involves testing detection and response, antivirus and EDR, and other defense capabilities.
- Internal Assessment: In-depth internal assessment for privilege escalation, Active Directory exploitation, and other internal weaknesses is a big part of a Red Team Assessment.
The difference between Penetration Testing and Red Team Assessment is that in penetration testing the expert finds all possible technical vulnerabilities, whereas the Red Team finds technical or human vulnerabilities for initial access and evaluates them in detail. Think of Red Teaming as real hacking for a good purpose.
If you believe you have a strong security team and a highly secured network, the Red Team assessment is the best choice to prove it. It is also the best choice if you want to address all possible vulnerabilities.
The frequency of such attacks has been growing day by day, making it a serious issue that can no longer be taken lightly.
At this moment, the immediate steps include vulnerability assessment and in-depth penetration testing, training employees, and continuous monitoring of new attacks. The SOC is not that useful if a company keeps a door open for hackers.