Following the theft of $101 million reserve of foreign currencies from Bangladesh Bank more than 8 years ago, the Information and Communication Technology Division (ICTD) aims to establish a Specialised Cyber Security Centre (SCSC) to prevent future cyber-attacks by strengthening the nation's cybersecurity framework.
The initiative is strategically designed to combat the increasing cybersecurity threats brought by the fourth industrial revolution (4IR), Internet of Things (IoT), Artificial Intelligence (AI), and blockchain technologies, said officials of the ICT division.
They said that a preliminary development project proposal (PDPP) with an estimated cost of Tk5,361 crore has been submitted to the Ministry of Planning for approval.
Department of Information and Communication Technology (DoICT) has been tasked to implement the project by June 2027 subject to the approval of the Executive Committee of the National Economic Council (Ecnec).
Officials from the Planning Commission indicated that a meeting will be convened to review the proposal, following which it will be forwarded to the Economic Relations Division (ERD) for consideration of securing a foreign loan for the project.
The proposal of the ICT division states that the Specialised Cyber Security Centre is highly relevant to the vision of Smart Bangladesh in 2041, which aims to create a technologically advanced and secure nation.
The centre will play a crucial role in safeguarding the integrity and security of the country's digital infrastructure, fostering trust in the digital realm, and driving digital transformation across various sectors, it added.
Furthermore, the centre contributes to improving governance and regulatory compliance in the digital domain while fostering innovation and entrepreneurship in the field of cybersecurity, it added.
The proposal also adds among the new types of risks in the new interconnected world, ensuring cybersecurity for everyone is paramount.
“Cybersecurity risks exist not only in cities and towns but also in rural areas, making it crucial to ensure the security of digital networks and information systems beyond central establishments, including district and sub-district levels, read the document,” it said.
The document highlighted some major cyber-attacks faced by Bangladesh, including the theft of foreign reserves from the Bangladesh Bank's account in the Federal Reserve Bank of New York, amounting to $101 million, in February 2016.
In 2019, around 9 ATMs of Dutch-Bangla Bank were compromised, resulting in the theft of approximately 16 lakh taka from various areas of the capital.
The system of "Shurokkha.com" has been compromised through phishing attacks to steal users' personal information.
Another notable incident was the hacking of Biman Bangladesh Airlines' email server in March 2023, the document revealed.
The proposal said that these incidents highlight the need for comprehensive and coordinated monitoring methods, where organisations can timely detect and defend against cyber threats.
Department of Information and Communication Technology Director General Md Mustafa Kamal said various types of risks are increasing with the development of the ICT sector.
In accordance with the needs of the future demand, cyber security should be increased in the development of IoT, AI and blockchain technologies, he added saying the project has been proposed keeping these goals in mind.
“Initiatives to boost cyber security required earlier considering the use of information technology and expansion of the industry in Bangladesh,” said Bdjobs.com CEO AKM Fahim Mashroor, who is the former president of the Bangladesh Association of Software and Information Services (Basis).
He said that the country faced several cyber-attacks following the reserve theft in Bangladesh Bank and termed the delay of more than 8 years in setting up a cyber-security centre after such incidents as irresponsible.
He also stated that the implementation of the initiative will play a positive role in the development of information technology in the country.
The officials of the ICT division said establishing a cyber-security centre and providing specialised services such as vulnerability assessment, penetration testing, and security operations centre (SOC) services will play a crucial role in identifying and mitigating potential cyber risks for organisations.
The centre will ensure network security, application security, internet security, information security, operational security, cloud security, endpoint security, and data security, they added.
It would enhance researching malware in the Cyber Security Center to understand its potential impact, how it spreads, and ways to detect and mitigate it, according to the PDPP.
The security centre would analyse immediate responses to privacy breaches, network intrusions, and other hacking-related issues to determine the root causes of cyber-attacks.
The centre would also collaborate and cooperate for the optimal implementation of cyber security with international organizations, governments, and non-governmental sectors.
It will provide training and increase awareness about the best practices for cyber security risk assessment and defense in various government and non-governmental institutions.