‘Cybercriminals are creating new ways of hacking’

/in


The Rapid Action Battalion (RAB) on Sunday busted a ring that hacked into the server of Computer Network Systems and scammed Tk1.20 crore through fake money receipts. The software firm is affiliated with the Bangladesh Road Transport Authority (BRTA). 

At the end of 2022, the same ring hacked the Dhaka Electric Supply Company Limited website and scammed around Tk1.50 crore by faking money transaction accounts.

The law enforcement agency members launched drives and arrested six members of the ring including ringleader computer engineer Sharear Islam from Dhaka and Gazipur last week.

We have seen incidents of hacking and phishing in the country before. Do you see anything new in the latest hacking of BRTA and DESCO’s payment gateways? 

There is a new dimension in the BRTA hacking incident. The hackers usually take the money away. But we have seen a different picture in this case. According to newspapers, the hackers provided the service to the customers and gave the customers fake receipts. This is a serious issue. 

I would say both BRTA and DESCO are just victims. Cybercriminals or hackers always search for vulnerable websites and launch attacks on websites which have security loopholes. If hackers want, they can target 50 more websites because the security measures are very weak on many websites. 

BRTA has been carrying out the job with the help of a third-party vendor. The latest incident means that cybercriminals are becoming sophisticated and they are creating new ways of hacking. 

The hackers have hacked the payment gateway of BRTA and the hackers have been successful in showing that the money has been paid without the payment of money. 

In general, when the transaction is completed in banks, then the software shows that the payment is done. But in this case, the hackers bypassed the process of the transaction in the bank. The hackers took the money from the clients but they might have kept the money in their accounts or somewhere else. 

What kind of initiatives should the government take now to minimise cyber-attacks or hacking? 

You know, in many offices, the job is done by different software firms on behalf of the government agency. Whenever the government will…

Source…