Sunday, 5th April 2026
Khabor Wala Desk
Published: 30th July 2025, 7:10 PM
In light of growing concerns over a potential large-scale cyberattack, Bangladesh Bank has issued an urgent security alert to all scheduled banks, financial institutions, and digital payment service providers operating in the country.
The alert, communicated via an official circular from the Information and Communications Technology (ICT) Division of Bangladesh Bank on Wednesday, 30 July, highlights the risk to the nation’s Critical Information Infrastructure (CII) and several key sectors, including banking, finance, healthcare, and both government and private organisations.
According to information received from multiple intelligence sources, these entities are potentially vulnerable to cyber intrusions, prompting the central bank to instruct all relevant institutions to undertake immediate cybersecurity measures.
Mandatory Cybersecurity Measures Advised by Bangladesh Bank
| No. | Recommended Measure |
| 1 | Regularly update servers, databases, and IT systems. |
| 2 | Disable unnecessary ports and ensure access is granted only to authorised users. |
| 3 | Implement the 3-2-1 backup strategy based on data sensitivity, ensuring regular backup and restore. |
| 4 | Mandate encryption for all data transfer, storage, and processing activities. |
| 5 | Enable Multi-Factor Authentication (MFA) on all critical systems. |
| 6 | Enhance use of security surveillance and tools for system protection. |
| 7 | Keep Endpoint Detection and Response (EDR), antivirus, and other security software updated and active. |
| 8 | Prepare incident response plans and maintain a dedicated cyber defence team. |
| 9 | Monitor for suspicious logins, file changes, or external connections; report as necessary. |
| 10 | Routinely audit and control remote access, VPNs, and privileged accounts. |
| 11 | Take swift action if any signs of cyberattack are detected and notify Bangladesh Bank immediately. |
| 12 | Ensure 24/7 security monitoring with adequate staffing. |
| 13 | Install load balancers and prepare contingency plans to maintain system stability and performance. |
| 14 | Update and implement Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP). |
A Call for Immediate Action
The central bank emphasised that the primary goal of these directives is to prevent potential cyberattacks, minimise possible damage, and ensure institutions can respond effectively and without delay.
The warning has been officially sent to the chief executives of all scheduled banks, financial institutions, and payment service providers. Bangladesh Bank further warned that any negligence in enforcing cyber protection measures could cause serious disruption to the country’s financial sector.
Institutions have been urged to act without delay and immediately implement all required protective strategies to strengthen their cybersecurity posture
Comments