Bangladesh Bank has issued a high-alert warning to all banks, financial institutions, and digital payment service providers amid fears of a major cyberattack.
In a circular sent out on Wednesday, the central bank’s Information and Communication Technology (ICT) Division said critical information infrastructure across various sectors including banking, healthcare, and both government and private entities faces heightened risk of cyber threats in the coming days.
The warning outlines a series of preventive measures to reduce vulnerability and ensure rapid response in the event of an attack.
Among the directives, Bangladesh Bank instructed institutions to regularly update their servers, databases, and IT systems, and to disable unnecessary ports. All systems should adopt strict access control policies and ensure encrypted data transfer, storage, and processing.
Institutions are also required to implement multi-factor authentication for all critical systems and maintain consistent surveillance using advanced security tools.
The circular also emphasises the importance of routine data backups, recommending the widely accepted 3-2-1 strategy. Organisations must prepare and update incident response plans and keep dedicated teams ready to act swiftly if an intrusion occurs. Suspicious activity such as irregular login attempts, file changes, or external connections must be monitored and reported to the central bank immediately.
Additionally, Bangladesh Bank urged regular reviews of VPNs, remote access systems, and privileged user accounts to tighten internal control. It also called for the establishment of 24/7 security monitoring centers with sufficient staffing and the deployment of load balancers to ensure system stability.
Institutions were asked to revise and implement their business continuity and disaster recovery plans without delay.