Bangladesh Cyber Threat Landscape 2023

In 2023, Bangladesh has faced an intensifying cyber threat landscape, characterized by increasingly sophisticated and multifaceted attacks. The renowned APT group SideWinder has been identified executing a targeted phishing campaign, employing domains that deceptively mimic official Bangladeshi websites to compromise sensitive information from government and law enforcement entities. Concurrently, there has been a marked surge in ransomwarerelated incidents, with malware infections increasing by approximately 71.39%. These threats exploit critical Remote Code Execution vulnerabilities, with significant malware strains such as M0yv, Phorpiex, and Necurs being linked to various ransomware variants including Maze and Locky. Additionally, vulnerabilities within MySQL and Microsoft SQL services have been specifically targeted. Hacktivist groups, primarily from South Asia, have also intensified their activities, orchestrating numerous DDoS attacks, website defacements, and data leaks driven by ideological motives, resulting in considerable disruptions to digital operations. The escalation of phishing attacks, encompassing advanced techniques such as email phishing, spear phishing, and social media phishing, has further exacerbated the risk, inflicting substantial financial and reputational damage. Furthermore, the proliferation of info stealer malware, designed to extract and exploit sensitive data including login credentials and financial information, has compounded the cyber threat scenario. This evolving threat environment underscores the critical need for robust cybersecurity measures and heightened vigilance across all sectors in Bangladesh.

Get and Download the full document here