Last week I told you about bug fixes announced by Android as part of its May security bulletin. Well, over the weekend Samsung began releasing fixes for 27 vulnerabilities. Twenty-one of those are labeled as high severity. Handsets affected are the S9, Note 8 and S8 phones. Make sure you get them installed. Those of […]
Credits to Zeeshan Hasan who is a director of Kazi Media, the company behind Deepto TV.
It’s encouraging to read that the government understands the seriousness of the loss of $81 million dollars via the hacking of Bangladesh Bank, and that a cyber-security agency is going to be formed to prevent further disasters. Currently, information security in each government department is up to the internal IT staff of that department.
It is not surprising that the internal IT staff of various government departments have no idea of information security, as they have never been selected for that knowledge or trained in it. Rectifying this situation and urgently correcting many obvious information security-related problems within government offices at reasonable cost should be the job of the cyber-security agency.
Until recently, the sole responsibility of IT staff in government departments was maintaining PCs and network hardware, and purging viruses from out-of-date and often unlicensed/pirated copies of Microsoft Windows. The use of unlicensed/pirated/outdated operating systems in government offices is a huge security risk, and may have contributed to the Bangladesh Bank hacking.
Given the easily hackable use of Windows XP across government departments, the cyber-security agency needs to urgently undertake the task of replacing all the unlicensed/pirated software either with licensed copies of Windows or with free/open source equivalents
Government departments should never run unlicensed/pirated copies of MS Windows or any other software. Unlicensed copies of MS Windows are generally installed from old installation CDs of out-of-date versions such as Windows XP, which no longer gets security updates from Microsoft and so is impossible to protect from hacking.