What Bangladesh Govt Might Learn from latest $81M Loss

Using open source software is a viable and proven method of combatting cyber-crime

Credits to Zeeshan Hasan who is a director of Kazi Media, the company behind Deepto TV.

Social networking, internet and cyber security concept

It’s encouraging to read that the government understands the seriousness of the loss of $81 million dollars via the hacking of Bangladesh Bank, and that a cyber-security agency is going to be formed to prevent further disasters. Currently, information security in each government department is up to the internal IT staff of that department.

It is not surprising that the internal IT staff of various government departments have no idea of information security, as they have never been selected for that knowledge or trained in it. Rectifying this situation and urgently correcting many obvious information security-related problems within government offices at reasonable cost should be the job of the cyber-security agency.

Until recently, the sole responsibility of IT staff in government departments was maintaining PCs and network hardware, and purging viruses from out-of-date and often unlicensed/pirated copies of Microsoft Windows. The use of unlicensed/pirated/outdated operating systems in government offices is a huge security risk, and may have contributed to the Bangladesh Bank hacking.

Given the easily hackable use of Windows XP across government departments, the cyber-security agency needs to urgently undertake the task of replacing all the unlicensed/pirated software either with licensed copies of Windows or with free/open source equivalents

Government departments should never run unlicensed/pirated copies of MS Windows or any other software. Unlicensed copies of MS Windows are generally installed from old installation CDs of out-of-date versions such as Windows XP, which no longer gets security updates from Microsoft and so is impossible to protect from hacking.