5.

Based on the Bangladesh bank case, what lessons can be drawn for other financial institutions in
terms of enhancing cybersecurity measures, conduction internal investigations, and responding to cyber
threats in real-time?

Answer: The Bangladesh Bank was shaken by a bold cyberattack in February 2016, which revealed
serious weaknesses in the world's financial system. Even though just $81 million was taken, the case
helped shed light on internal controls, real-time threat response, and cybersecurity weaknesses. Let us
explore the knowledge gained, ranging from strengthened authentication protocols to comprehensive
incident response strategies, in order to establish a new chapter in financial resilience.

Cybersecurity Measures:
 Multi-factor authentication (MFA) should be used, particularly for vital systems like SWIFT
access. Bangladesh was exposed by the single-factor authentication that was in place there.

 Segment the network: To prevent attacker movement and reduce damage, keep public-facing
systems and essential systems apart.

 Boost access controls by enforcing the least privilege principle and implementing role-based
access control (RBAC). Keep a careful eye on activities on privileged accounts.

 Regularly patch systems: Make sure that all systems, including third-party software, are patched
in a timely manner to eliminate vulnerabilities that hackers can exploit.

 Make use of intrusion detection and prevention systems (IDS/IPS): These are capable of real-
time malware detection and blocking.

 Conduct regular security audits and penetration testing: Identify and address vulnerabilities
before attackers exploit them.

 Perform frequent penetration tests and security audits: Prior to an attacker using a vulnerability,
identify it and fix it.

Internal Investigations:
 Establish a well-defined incident response strategy. This plan should specify what to do in the
event of a cyberattack, including recovery methods, containment tactics, and communication
protocols.

 Put together a committed incident response team: Give this team the knowledge and resources
they need to properly investigate and address cyberattacks.

 Preserve evidence: For forensic investigation, securely save any pertinent evidence, such as files,
logs, and network activity.

 Work together with outside specialists: When the inquiry calls for it, enlist the help of
cybersecurity specialists.

 Be transparent with stakeholders: Communicate openly and honestly with relevant

stakeholders, including customers, regulators, and law enforcement.
Responding to Cyber Threats in Real-time:
 Keep an eye out for unusual activity on systems: To identify possible threats early, use real-time
log, network traffic, and user activity monitoring.

 Establish quick reaction procedures: Clearly define what actions should be taken, such as
preventing unauthorized access and isolating impacted systems, when suspicious activity is
discovered.

 Communicate effectively: Immediately inform relevant stakeholders about the threat and the
steps being taken to address it.

 Learn from the attack: Analyze the incident to understand how it happened and how to prevent
future attacks.

 Share information with other institutions: Collaborate with other financial institutions to share
threat intelligence and best practices.

Additional Lessons:
 Strengthen international cooperation: Cybercrime is a global threat, and effective response
requires international cooperation between law enforcement agencies, governments, and
financial institutions.

 Review SWIFT security protocols: The SWIFT network was used in the Bangladesh attack,
highlighting the need for continuous improvement of its security measures.

 Invest in cyber insurance: Consider cyber insurance to mitigate financial losses in case of a
cyberattack.

Financial institutions may strengthen their cyber defense posture and better defend themselves against
cyberattacks by putting these principles into practice.