Common Vulnerabilities in Cyber Space of Bangladesh
by CIRT Team
In recent years, Bangladesh has become one of the most vulnerable countries in cyber space. Cyber-attacks often took place, which caused loss of assets in very recent time. With the increasing number of internet users, the number of attacks ratio is also going up. According to the Kaspersky Security Bulletin 2015, Bangladesh is in the second position in the level of infection among all the countries. 69.55% unique users are in the highest risk of local virus infection in Bangladesh. 80% users are the victim of spam attack according to Trend Micro Global Spam Map. In a recent test of two hours that was run in Bangladesh Computer Council, total number of infected IP in Bangladesh was 34552. IP’s of renowned companies like Grameen Phone, Banglalion, and Link 3 were also found in that list.
Several attacks have taken place at financial organizations recently in Bangladesh. Bangladesh Bank faced a heist a few months ago, which caused a big financial loss. Bangladesh police alleged that technicians associated with the SWIFT financial network introduced vulnerabilities into the banking software that made it easier for hackers to infiltrate the systems of Bangladesh Bank. These network weaknesses allowed hackers to carry of $81 million from Bangladesh’s Central Bank in February. Bangladesh Bank said that the Hackers Tried to steal $951 Million. After Bangladesh Bank Incident, some other private banking institutes became victims of similar cyber-attacks as well. These scenarios indicate that cyber security of Bangladesh is in danger.
According to Microsoft Security Intelligence Report 2015 (Volume 20), on computers running real-time security software, most attempts by malware to infect computers are blocked before they succeed. To understand the malware landscape, it’s important to consider infection attempts that are blocked as well as infections that are removed. For this reason, Microsoft uses two different metrics to measure malware prevalence:
- Encounter rate is simply the percentage of computers running Microsoft real-time security products that report a malware encounter, whether the infection attempt succeeds or not.
- Computers cleaned per mille (thousand), or CCM, is an infection rate metric that is defined as the number of computers cleaned for every 1,000 unique computers executing the Malicious Software Removal Tool (MSRT), a free tool distributed through Microsoft update services that removes more than 200 highly prevalent or serious threats from computers.
Table 1 shows the encounter and infection rate trends for Bangladesh over the last four quarters in 2015, compared to the world as a whole.
Table 1: Encounter rate and CCM in Bangladesh compared to world
| Metric | 1Q15 | 2Q15 | 3Q15 | 4Q15 |
| Encounter rate, Bangladesh | 44.10% | 39.70% | 42.50% | 57.20% |
| Worldwide encounter rate | 17.60% | 15.30% | 17.80% | 20.80% |
| CCM, Bangladesh | 29.8 | 32.7 | 25 | 40.3 |
| Worldwide CCM | 5.4 | 8.4 | 6.1 | 16.9 |
Now if we look at the malware categories, we will see that the most common malware category in Bangladesh in 4Q15 was Worms. It was encountered by 29.6 percent of all computers there, up from 21.1 percent in 3Q15. The second most common malware category in Bangladesh in 4Q15 was Trojans. It was encountered by 22.9 percent of all computers there, up from 19.4 percent in 3Q15. The third most common malware category in Bangladesh in 4Q15 was Viruses, which was encountered by 9.0 percent of all computers there, up from 6.3 percent in 3Q15.
The following chart is showing the statistics of malware encountered in Bangladesh in 3Q15 and 4Q15 by category:
Chart 1: Malware encountered in Bangladesh in 3Q15 and 4Q15 by category
In unwanted software categories, the most common unwanted software category in Bangladesh in 4Q15 was Browser Modifiers. It was encountered by 15.6 percent of all computers there, down from 15.7 percent in 3Q15. The second most common unwanted software category in Bangladesh in 4Q15 was Software Bundlers. It was encountered by 13.7 percent of all computers there, up from 8.2 percent in 3Q15. The third most common unwanted software category in Bangladesh in 4Q15 was Adware, which was encountered by 1.8 percent of all computers there, up from 1.5 percent in 3Q15.
The most common malware families encountered in Bangladesh in 4Q15 are shown in the Table 2.
Table 2: Common malware families encountered in Bangladesh in 4Q15
| Sl. No. | Family | Most Significant Category | % of reporting computers |
| 1 | Win32/Ippedo | Worms | 15.6% |
| 2 | Win32/Gamarue | Worms | 15.3% |
| 3 | INF/Autorun | Obfuscators & Injectors | 7.0% |
| 4 | Win32/Ramnit | Viruses | 6.3% |
| 5 | Win32/CplLnk | Exploits | 5.3% |
| 6 | VBS/Jenxcus | Worms | 5.1% |
| 7 | Win32/Skeeyah | Trojans | 4.1% |
| 8 | Win32/Sality | Viruses | 3.7% |
| 9 | Win32/Peals | Trojans | 3.2% |
| 10 | Win32/Dynamer | Trojans | 3.1% |
Table 3 shows the most common unwanted software families encountered in Bangladesh in 4Q15.
Table 3: Common unwanted software families encountered in Bangladesh in 4Q15
| Sl. No. | Family | Most Significant Category | % of reporting computers |
| 1 | Win32/ Diplugem | Browser Modifiers | 6.0% |
| 2 | Win32/ SupTab | Browser Modifiers | 6.0% |
| 3 | Win32/Dowadmin | Software Bundlers | 5.7% |
| 4 | Win32/OutBrowse | Software Bundlers | 3.5% |
| 5 | Win32/Mizenota | Software Bundlers | 3.4% |
The most common threat malware families by infection rate in Bangladesh in 4Q15 are represented in Table 4.
Table 4: Common threat malware families by infection rate in 4Q15
| Sl. No. | Family | Most Significant Category | Infection rate (CCM) |
| 1 | Win32/ Diplugem | Browser Modifiers | 18.0 |
| 2 | Win32/Gamarue | Worms | 9.2 |
| 3 | Win32/Sality | Viruses | 5.2 |
| 4 | Win32/Ramnit | Viruses | 4.7 |
| 5 | VBS/Jenxcus | Worms | 3.2 |
| 6 | Win32/Blakamba | Trojans | 1.7 |
| 7 | Win32/Virut | Viruses | 1.3 |
| 8 | Win32/Peals | Trojans | 0.8 |
| 9 | Win32/Chir | Viruses | 0.5 |
| 10 | Win32/Necurs | Trojans | 0.5 |
Attackers often use websites to conduct phishing attacks or distribute malware. Malicious websites typically appear completely legitimate and often provide no outward indicators of their malicious nature, even to experienced computer users. In many cases, these sites are legitimate websites that have been compromised by malware, SQL injection, or other techniques, in an effort by attackers to take advantage of the trust users have invested in them. The table below shows the statistics of malicious websites for Bangladesh.
Table 5: Malicious Website Statistics for Bangladesh
| Metric | 3Q15 | 4Q15 |
| Drive-by download pages per 1,000 URLs (Worldwide) | 0.71
(0.22) |
0.25
(4.7) |
| Phishing sites per 100,000 Internet users (Worldwide) | 0.25
(4.7) |
0.18
(3.9) |
| Malware hosting sites per 100,000 Internet users (Worldwide) | 12.97
(56.2) |
5.89
(26.4) |
It is clear that the vulnerability level of cyber space is increasing day by day in Bangladesh. To mitigate the impact, new technologies and services must be adopted to cope with the situation as well as competition. Technological and legal advancement is necessary to overcome the cyber-threats. It is also necessary to create awareness among internet users to reduce cybercrime. Proper precautions and quick rectification can lessen the cavities in secure online operations.
Recommended Posts
Cyber Threat Alert: Surge in Attacks via Compromised Third-Party Service Providers
08 Feb 2024 - Articles, English articles, Security Advisories & Alerts
Subscribe here
MEMBER OF:
