Bangladesh Government’s Computer Incident Response Team (BGD e-GOV CIRT) is acting as the National CIRT of Bangladesh (N-CIRT) currently with responsibilities including receiving, reviewing, and responding to computer security incidents and activities. Under the Government of people’s republic of Bangladesh, BGD e-GOV CIRT reviews and takes necessary measures to resolve the issue with broad cybersecurity ramifications, conducts research & development and provides guidance on security vulnerabilities. BGD e-GOV CIRT also work with various government units, Critical Information Infrastructures, financial organizations, law enforcement agencies, academia & civil society to help to improve the cybersecurity defense of Bangladesh. BGD e-GOV CIRT has a very strong tie with international organizations and cybersecurity communities and working as a focal point of Bangladesh for trans-border cyber issues.

BGD e-GOV CIRT has currently the following active service components:

  • INCIDENT HANDLING UNIT
  • DIGITAL FORENSIC UNIT
  • CYBER AWARENESS & CAPACITY DEVELOPEMENT UNIT
  • CYBER SENSOR UNIT
  • CYBER RANGE UNIT
  • CYBER RISK ASSESSMENT UNIT
  • CRITICAL INFORMATION INFRASTRUCTURE UNIT
  • CYBER AUDIT UNIT
Main objectives of the BGD e-GOV CIRT are:
    • Manage cyber security in Bangladesh government’s e-Government network and related infrastructure;
    • Serve as a catalyst in organizing national cybersecurity resilience initiatives (education, workforce competence, regulation, cyber exercises) among various stakeholders;
    • Make efforts to establish national cyber security incident management capabilities in Bangladesh.

To achieve this goal, BGD e-GOV CIRT during the first stage of its development will:

    • Monitor the network for the events that affects security of the government network;
    • Carry out investigations and containment measures for cyber security events in order to minimize data loss or service disruption in the government network and e-services;
    • Help to solve security related issues in National Data Center (NDC) including provision of obligatory instructions for BCC personnel to secure NDC information resources;
    • Carry out preventive measures in order to minimize disruptions of secure operations of the government network and e-services;
    • Participate in international and national cyber security initiatives;
    • Promote and strengthen cyber security environment by developing, collaborating and maintaining relationships with other CIRTs and organizations in the country and abroad;
    • Support capacity building in cybersecurity of the existing manpower of BCC.

Our Constituency:

    Constituency of BGD e-GOV CIRT are all governmental institutions of Bangladesh. Constituency sector is “government” and constituency type is “mixed” (internal and external). Part of the constituency is using National Data Center (NDC) located at BCC where host their IT resources and services. BGD e-GOV CIRT supervises the following Autonomous System numbers, IP address space and domain names associated with the NDC:

    • AS63932
    • 43.229.12.0/22
    • 103.48.16.0/22
    • 114.130.54.0/23
    • 114.130.116.0/22
    • 180.211.213.0/24
    • bcc.gov.bd
    • bcc.gov.net
    • gov.bd

    The constituency range and description will be continuously checked and updated to ensure that all ICT resources which should be protected are covered by the designed and implemented incident management services.

BGD e-GOV CIRT definition as per RFC 2350

PGP signature with BGD e-GOV CIRT key for a document “RFC2350-BGD-e-GOV-CIRT-description-v1.0.pdf”

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAABAgAGBQJb0Z4NAAoJECUz8oCH3VSDOHsIAKRWET6VNSp5R1kRCDH9AlM/
R4dXBX/yxOEIzMnVMnlOL5hDeslHInWd6mt9kOKJoMQFj6LxLW2a9YxJHiJ2Tt6x
jPaVgFs/kBLgLXvzUbp9FcGuaZXiIuT0bkuPYpOlNEuh+DgQVg7ZGV9X4kEZWYfU
ycBY4iUmh6ssBqOXRE9Trg/kkD7+ni3h4sNWhMfen6t4yJ5w+eSCdrgzeSKPwrU0
oTp3oodcbGm+ojUcgqw17BvuiDOuvFSO2ov1S0TErfPd375hpf9dZzYYDhxAAWK7
4ctwDzPiZ/xdeoGqbk3+6v2gHbhYQ0H1J29D1yBwOqryaweMzMRzBnxlIAGhN0I=
=NAtG
-----END PGP SIGNATURE-----

Frequently Asked Questions:
    1. What can businesses do to protect themselves from cyber attack?

    • Identify your vital assets
    • Conduct a risk assessment and prepare practical and effective mitigation plan
    • Approve risk mitigation plan and implement actions
    • Do periodic awareness raising campaigns inside your company

    For guidance on preparation of a practical and effective mitigation plan please look at Cyber Security Controls for Effective Cyber Defense provided by the Center of Internet Security.