ALTDOS operates mainly in the ASEAN region and has been involved in cyberattacks on stock exchanges and financial institutions in different countries
Beximco, one of the leading business groups of Bangladesh, has become a victim of a cyberattack by a band of hackers who go by the name of ALTDOS, according to DataBreaches.net.
ALTDOS operates mainly in the ASEAN region and has been involved in cyberattacks on stock exchanges and financial institutions in different countries, including Thailand, Bangladesh, the Philippines and Malaysia.
“In total, ALTDOS has stolen hundreds of gigabytes of files, source coding and databases from 34 of Beximco websites, including its telecom subsidy—BOL-ONLINE.COM,” a spokesperson of the hacker group was quoted as saying by DataBreaches.net, which released a story on the hacking on Tuesday.
As proof, the group provided two samples of data and screencaps.
Earlier, on January 10, the central bank issued an emergency cyber alert to its staff and officials after malware was detected in its server, which resulted in the internet connection being cut off in the Bangladesh Bank headquarters for a week.
The $101 million cyber heist from the BB’s account with the Federal Reserve Bank of New York in February 2016 also happened because of malware in the central bank’s Swift-RTGS system, which gave the band of hackers an entry into the central bank’s server.
But none of the data stolen by ALTDOS appeared super-sensitive, although one of the files contained employee attendance information from September 24, 2018 to May 2019.
The stolen data include 56,000 payment records. However, there was nothing in there that would be problematic.
The other information stolen includes names, departments, emails, IDs and attendance of 65,000.
There is no evidence that the hackers obtained any corporate IP, trade secrets or confidential communications from any of the conglomerate’s divisions.
Mohammad Asad Ullah, executive director and company secretary of Beximco Group, denied the data breach altogether.
“Our website is OK,” he told Dhaka Tribune on Wednesday.
When alerted of the report on DataBreaches.net, he said: “The IT department is looking into the matter. Details can be told later.”
"On 12th January 2021 midnight, a security breach was detected in a public domain content server, which hosts some of the company websites of Beximco Group. Within 20 minutes following the incident, the server’s control was regained from the attackers and within the next five hours the contents were restored and the websites were back online," the company said in a statement on Friday.
The impacted server is not connected with any of Beximco Group's internal networks, it added.
Backdoor Private, a cybersecurity firm, has done quick research on the hacking incident and found that various websites of Beximco are weak and outdated, which resulted in the hacking.
“Malware is still existing in its internal network, meaning more sensitive data can be breached. Immediate measures should be taken to remove the malware from the system,” Tanvir Hassan Zoha, managing director of Backdoor, told Dhaka Tribune.
He suggested taking the necessary actions to build real-time monitoring to protect its system from future compromise.
“This incident should be investigated properly to know how it happened,” he added.
According to the Digital Security Act 2018, victims of hacking should seek legal action about the incident so that it is properly investigated and the culprits are detected and punished.
Unfortunately, in Bangladesh, incidents of hacking or cyberattacks are hardly ever reported.
The hacking of Beximco is a clear signal to various government and private institutions whose sites and systems are not secured.
Often, the BB issues alerts about potential cyberattacks. Last year, several banks suspended transactions through ATM booths to prevent cyberattacks.
Cybersecurity experts say everybody, including banks and financial institutions, should follow the digital security policy given by the government.
They should establish incident response teams with proper digital forensic tools and trained human resources, in compliance with ISO standards, to maintain the hygiene of their systems.
The Digital Security Policy 2020 states that an organisation handling public-sensitive information has to establish a forensic lab meeting the standards of ISO/IEC/BDS 17025, ISO/IEC/BDS 15489, ISO/IEC/BDS 27037, ISO/IEC/BDS 27041, ISO/IEC/BDS 27042, ISO/IEC/BDS 27043 and ISO/IEC/BDS 27050.
Nowadays, many corporate houses are using cloud computing for faster data connectivity, but they cannot allow the transfer of data to the cloud of other countries without the permission of the Digital Security Agency.
Many Bangladeshi companies do not follow the procedure, which cybersecurity analysts think may cause a data breach.