ECONOMIST

Islami Bank’s new managing director takes charge

সোমবার, ০৯ জানুয়ারী ২০১৭

09 January 2017 Md Abdul Hamid Miah today took charge of his duties as the Managing Director and Chief Executive of Islami Bank Limited.

Md Abdul Hamid Miah. Photo: Collected from Islami Bank's website

Bangladesh Bank approved his appointment after Islami Bank's board of directors nominated him for the post on January 5 at a conference in Dhaka, according to a press release issued this afternoon.

READ MORE: Major changes in Islami Bank key positions

He previously served as the managing director of Union Bank, Rupali Bank and Shilpa Bank (now Bangladesh Development Bank), the release added.

Several little-known local companies have bought the bulk of the local shares in the Islami Bank Limited over the last one and a half years, leading to the latest reshuffle at its top level, according to the bank officials.

READ MORE: Changing of the guard at Islami Bank

Changes have been made to the posts of the bank's chairman, managing director, heads of various committees and chief of the Islami Bank Foundation in line with a decision at the bank's board meeting on Thursday.

 

WB offers $100m to fortify insurance, pension sectors

মঙ্গলবার, ০১ নভেম্বর ২০১৬

01 November 2016 The World Bank has offered Bangladesh $100 million for strengthening the insurance sector and the private pension market so that the financial sector can give better service to the people.

The Washington-based multilateral lender has recently sent a draft proposal to the finance ministry in this regard.

There has been notable progress in financial sector development over the years increasing the depth of the financial sector from 12 percent in 1980 to 70.8 percent in June 2013, the draft proposal said.

Progress has been made in many other fronts as well including the strengthening of banking sector regulation and supervision, financial access to households and recent efforts to fortify state-owned banks.

“But this remains an unfinished agenda, especially with regard to the insurance and pension sector.”

Subsequently, it suggested $35 million for strengthening the Insurance Development and Regulatory Authority and Bangla-desh Insurance Academy, $40 million for   the modernisation of state-owned insurance companies and $20 million for developing a private pension market.

A WB mission has already visited Bangladesh with the draft proposal and held meetings with concerned officials of various ministries, a finance ministry official said.

The finance division has suggested the WB take separate projects for the insurance and pension sectors, he said.

Direct support for the IDRA from the WB will involve providing advisory and capacity building services as well as equipment to upgrade IDRA's regulatory and supervisory functions.

To increase its capacity, the IDRA has to formulate rules, regulations and guidelines to set up risk-based solvency rules, improve products for life and non-life insurance and market practice including micro-insurance, the WB said.

Under the project, support to develop new insurance distribution channels such as bank assurance, automation/digitisation of insurance sales/service and improve claim management system will be provided.

Various insurance companies, both life and general, are operating in the country but there are no regulatory authorities for them, said the finance ministry official.

The government has been considering raising the power of the IDRA to international standards with financial and technical assistance from the WB.

Like the state banks, the nationalised insurance companies have various weaknesses, especially in case of digitisation.

Under the project, the WB has proposed strengthening policy and practices on reinsurance mechanism of state-owned Sadharan Bima Corporation and Jiban Bima Corporation.

The WB mission found that state-owned companies do not meet the international best standards, the official said.

The IDRA will regulate the state-owned and private companies in the same manner and ensure that there will be no discrimination, the WB also said.

 
 

Muhith for tax on everyone’s income

বুধবার, ০৭ সেপ্টেম্বর ২০১৬

07 September 2016 No matter what the amount is, everyone with an income should pay tax, Finance Minister AMA Muhith proposed today.

“Whatever the amount is, Tk 5 or 10, a person having an income should pay tax on a compulsory basis,” Muhith said at a seminar at Officers' Club, Dhaka in the morning.

He was thinking about this idea for a long time, the finance ministers added.

He was addressing the seminar on National Board of Revenue (NBR) Payroll Tax and Tax Net Expansion as a chief guest.

 
 

No plans to sue Fed, SWIFT, says Bangladesh Bank

মঙ্গলবার, ১৬ আগস্ট ২০১৬

16 August 2016 Bangladesh's central bank said it has reversed its plans to sue the Federal Reserve Bank of New York and the SWIFT money transfer network, and instead intends to seek their help recovering $81 million stolen by cyber thieves in February.

"At the moment we have no plan to go for any legal action against the Fed bank or SWIFT; rather we will seek their assistance," said Subhankar Saha, the spokesman for Bangladesh Bank. He declined to provide reasons for the turnabout.

A source close to the Asian central bank last month said it was preparing litigation to seek compensation, claiming errors by the New York Fed and SWIFT had made Bangladesh Bank vulnerable. In the February heist, hackers issued false transfer orders on the SWIFT network to move funds out of Bangladesh Bank's account at the Fed.

Bangaldesh's finance minister had also said in March he was weighing legal action.

"We only assessed different options, including the legal (option)," Saha said on Tuesday. "We look forward to cooperation both from the Fed and SWIFT."

Officials from the Fed and Bangladesh Finance Minister Abul Maal Abdul Muhith were not immediately available for comment.

The shift came as meetings were to begin in New York on Tuesday between officials from Bangladesh Bank, the New York Fed and SWIFT. It also comes after the New York Fed last week published its standard contract with correspondent banks, which spells out that the burden of preventing and reporting breaches lies largely with the correspondent bank, in this case Bangladesh Bank.

Saha said there was no link between the decision not to pursue a lawsuit and the contract. "We were assessing options, and we prefer cooperation," he said.

Deputy Governor Abu Hena Mohammad Razee Hassan, who is heading the Bangladesh Bank team in the New York meetings, said the bank operates under the standard Fed contract. He did not comment on any possible lawsuit.

The standard contract includes a requirement for the correspondent bank to "immediately" notify the US central bank when it learned it was hacked, and to give the Fed "a reasonable opportunity to act" on cancellation requests. The Fed was bound to then "make reasonable efforts" to halt any fraudulent payments it had made.

The New York Fed is liable for acting on unauthorized payments only if it does not comply with agreed authentication messages, or fails to exercise good faith when filling a payment request, according to the contract.

The published contract notes litigation must be heard in a US court.

In the Feb. 4 heist, the hackers peppered the Fed with payment requests, four of which were filled. Much of the money disappeared into casinos in the Philippines.

Reuters reported last month that Bangladesh Bank did not realize it had been hacked and d id not attempt to alert the New York Fed until two days after the money had been sent. By that time, a weekend in New York, the Fed took two more days to respond.

Reuters also reported that the New York Fed attempted and failed to cancel the payments and did not immediately inform Bangladesh Bank of its efforts.

 
 

Bangladesh officials to meet Fed, US investigators over heist: sources

সোমবার, ১৫ আগস্ট ২০১৬

15 August 2016 A team from Bangladesh will meet officials of the Federal Reserve Bank of New York, the Federal Bureau of Investigation and the US Department of Justice this week in New York in connection with the cyber theft of $81 million from the South Asian country's central bank in February, sources said.

Two people close to the Bangladesh central bank said the goal of the meetings starting on Tuesday would be to discuss what led to the heist, carried out by unidentified hackers, and how such events can be prevented in future.

A New York Fed official told Reuters the aim would be "to understand what happened, what remediation steps have been taken by Bangladesh Bank to meet its contractual obligations, and to begin a path to normalize operations."

In one of the largest cyber heists ever, hackers penetrated Bangladesh Bank's systems and sent the New York branch of the US central bank dozens of payment requests from an account it maintained for Bangladesh. They sought nearly $1 billion, and $81 million was paid out and lost.

The New York Fed in June wrote to the Philippines' central bank, prodding it to help Bangladesh Bank recover the money that was transferred to beneficiary accounts at the Manila-based Rizal Commercial Banking Corp (RCBC) before most of that was laundered through casinos there.

Bangladesh Bank officials believe the nudge from the New York Fed was one of the reasons the Philippines central bank last week slapped a record fine of 1 billion pesos ($21 million) on RCBC in connection with the heist, and that it was important to sustain the pressure. Bangladesh Bank holds RCBC accountable for letting most of the money out despite stop-payments requests from Dhaka.

But Maria Celia Estavillo, RCBC's legal and regulatory affairs head, told Reuters her bank should not be held accountable for the loss and that they were "victims too".

"The theft took place in Bangladesh and the money is not with RCBC," she said in an interview last Tuesday. "They know where the money went. They should pursue them. We believe that people who received the funds should return the funds."

Bangladesh Bank hopes the meetings in New York will prompt the Philippines to work towards retrieving the money, said the sources with direct knowledge of the meetings. Bangladesh's central bank already has said it had a commitment from Philippines President Rodrigo Duterte that the money would be returned.

The meetings with the FBI and Justice Department will help to identify the hackers, who remain at large more than six months after the heists, said one of the sources.

The New York Fed declined to comment. Bangladesh Bank spokesman Subhankar Saha could not immediately be reached for comment. The FBI and Justice Department, both of which are investigating, did not immediately respond to calls.

Bangladesh police have been working with FBI officials but this would be a rare meeting between Bangladesh Bank officials and the US agency.

The team from Dhaka will consist of Bangladesh Bank Deputy Governor Abu Hena Mohd. Razee Hassan, Abdul Rab from its financial intelligence unit, the bank's lawyer Ajmalul Hossain, Debdulal Roy from its information systems development department and Zakir Hossain Chowdhury from its accounts department.

 
 

Using gas to cook food is a waste of energy: Muhith

শনিবার, ১৩ আগস্ট ২০১৬

13 August 2016 Finance Minister AMA Muhith today said consumption of natural gas by households would be completely discontinued as the energy is too precious to be used in cooking food or boiling water.

“Our gas reserves are very insignificant. So, using gas to cook food is a waste of energy,” he told during a seminar at Petrobangla in Dhaka.

The government has stopped giving permission to new gas connections, particularly to households, for the last six years amid dwindling of gas reserves. But demands for getting new gas connections are growing in various parts of the country.

“But the movement would not give any result,” said Muhith. “Our first priority would be cancelling the usage of gas for household purposes. We have to convince the people that it is a waste.”

The minister spoke at the seminar organised on the occasion of the National Energy Security Day.

The government declared August 9 as the National Energy Security Day in 2010. On this day in 1975 Bangabandhu Sheikh Mujibur Rahman bought five gas fields from Shell Oil Company at only £4.4 million.

 
 

ACC arrests ex-AB Bank DGM for amassing Tk 325cr

রবিবার, ১৭ জুলাই ২০১৬

17 July 2016 Anti-Corruption Commission today arrested a former deputy general manager of AB Bank Limited in a case filed yesterday over misappropriation of Tk 325 crore back in 2011.

Badrul Haque Khan, now a general manager of Bangladesh Bank, was deputy general manger and head of credit of AB Bank’s principal branch at the time of the crime.

ACC’s public relation officer Pranab Kumar Bhattacharjee confirmed The Daily Star of the update and said another Jashim Uddin Chowdhury, director of Rising Steel Mills, was also arrested.

The lawsuit concerned was filed against six persons, including BNP leader Aslam Chowdhury, yesterday with Chittagong’s Doublemooring Police Station.

 
 

Factory safety group sticks by Bangladesh after attacks

বুধবার, ১৩ জুলাই ২০১৬

13 July 2016 A group of fashion brands and retailers including Gap and Wal Mart working to improve safety in Bangladeshi factories, are still committed to sourcing from the country despite a series of attacks claimed by "Islamist militants".

"Member companies will continue to stay the course," James Moriarty, country director for the Alliance for Bangladesh Worker Safety, told a conference call for journalists. "I am not aware of brands withdrawing or cancelling contracts."

The Alliance of mostly North American companies was set up in 2013 to improve safety in Bangladeshi factories after the collapse of the Rana Plaza complex in which more than 1,100 people died.

Some foreign companies working in Bangladesh's garment industry have suspended travel to the country after an attack by Islamist militants on a restaurant in Dhaka on July 1.

The US State Department on Monday warned Americans to consider carefully whether they need to travel to Bangladesh.

"The advice from most embassies is to keep as low a profile as possible," said Moriarty, a former US ambassador to Bangladesh, who said he had returned to Dhaka on Saturday.

Moriarty said many major brands were holding off on sending foreign staff to the country, although most had Bangladeshi or South Asian staff leading their operations in the country.

"I do have confidence that the people who are committing these attacks are a very small minority with very small support," he said.

Moriarty said the Alliance - set to run until 2018 - was ahead of schedule in improving safety at the some 700 factories its 28 members work with in Bangladesh, calling the safety drive a "moral imperative".

In the first quarter of 2016, the Alliance suspended another six factories for failing to do enough to improve safety, bringing the total to 83, while Moriarty said 28 factories have completed plans to address safety issues.

 
 

Khaleda sends Eid greetings to Hasina

সোমবার, ২৭ জুন ২০১৬

27 June 2016 BNP Chairperson Khaleda Zia sent Eid greetings to Awami League President and Prime Minister Sheikh Hasina today.

A three-member delegation of BNP handed over the greetings card to AL’s Dhanmondi office in the afternoon.

BNP’s social welfare affairs secretary Abul Khayer Buiyan confirmed it to The Daily Star.

 
 

Banks to remain shut July 4

রবিবার, ২৬ জুন ২০১৬

26 June 2016 Bangladesh Bank and all other scheduled banks will remain closed on July 4.

Instead, the banks will remain open on July 16 although it is Saturday, Anwarul Islam, a spokesperson for Bangladesh Bank, told The Daily Star today.

To facilitate the distribution of salary among garment workers, bank branches in RMG zones will remain open on July 2 and 3, the BB official said.

The government on June 22 announced July 4, the only workday between the Shab-e-Qadr and Eid holidays, as a public holiday, paving the way for a nine-day vacation starting from July 1.

The first two days of July are the weekend, while the next day will be another holiday for Shab-e-Qadr. The next three days will be the official holiday for Eid followed by another weekend. It means the public servants will have their vacation from July 1 till July 9.

 
 

Govt backtracks on new VAT law

বৃহস্পতিবার, ০২ জুন ২০১৬

02 June 2016 The government has backtracked on its move to implement the new VAT law from the start of the new fiscal year in the face of resistance from businesses, a section of revenue officials and inadequate preparation by the National Board of Revenue (NBR).

It became apparent from the finance minister’s disclosure during his budget speech when he said that the VAT and Supplementary Duty Act 2012, which envisages a universal 15 percent VAT rate, have been rescheduled to be effective from July, 1 2017.

Instead of going ahead with the new law, AMA Muhith seeks to increase VAT for various goods and services including small businesses, particularly shop owners who have been demanding of continuation of package or fixed VAT.

“Unfortunately, the necessary preparation for achieving the above objective is far from satisfactory. Under the above circumstances, government has decided not to fully implement the new act from the next financial year,” Muhith said, in his budget speech at the parliament today.

“Our objective to implement the new act has not changed, we will only implement the new Act after one year,” he told the parliament.

This would be second year the government backtracked on its stance to enforce the law that will replace the VAT law of 1991.

Initially, the government vowed to implement the legislation, framed at the prescription of the International Monetary Fund, from July 2015.

However, it failed to proceed with the plan due to lack of preparation of the revenue authorities and resistance from within the NBR and the business community.

Businesses demand implementation of recommendations of a panel, formed by the government in 2014 by including their representative. The committee suggested multiple rates for VAT on goods and services.

 
 

Bangladesh probes 2013 Sonali Bank hack for links to central bank heist

বৃহস্পতিবার, ২৬ মে ২০১৬
26 May 2016 Bangladesh police are reviewing a nearly forgotten 2013 cyber heist at the nation’s largest commercial bank for connections to February's $81 million heist at the country's central bank, a senior law enforcement official said on Wednesday.

The unsolved theft of $250,000 at Sonali Bank involved fraudulent transfer requests sent over the SWIFT international payments network. It is not widely known outside of Bangladesh, and in fact was treated as a cold case until Bangladesh police revived the investigation after thieves in February also used the SWIFT network to steal $81 million from Bangladesh Bank.

Sonali Bank said it had informed SWIFT about the 2013 heist at the time and also unsuccessfully tried to recover the money from the recipients in Turkey, said one bank source.

Thieves in the 2013 robbery used tactics similar to those used by the yet-to-be-identified criminals in the Bangladesh Bank heist — using the SWIFT money-transfer system to divert bank funds, said a senior bank official.

Authorities are now reviewing the case to see if there are any links that can help them track down the criminals behind the Bangladesh Bank heist.

At Sonali Bank, hackers installed key-logger software on a computer to gain passwords to other systems, then sent fraudulent transfer requests over SWIFT, said the senior bank official who is part of its IT operations.

Police arrested two employees who had responsibility for initiating and approving money transfer instructions, but they were later freed without being charged.

Sonali Bank Managing Director Pradip Kumar Dutta told Reuters that the attackers remain at large and no money has been recovered.

“We could not find out what happened," the official said.

 

 

The Sonali Bank cyber heist is the fourth documented case involving fraudulent SWIFT messages and the earliest known case to surface. It is not known whether any of the robberies, including the two attacks on Bangladesh banks, are related.

The two other cases that have come to light are a $12 million theft from Banco del Austro in Ecuador in January and an attack on Vietnam's Tien Phong Bank in December that was not successful.

The Sonali Bank theft was reported by Bangladesh media at the time, but has faded from public memory. Police said they only recently became aware of similarities with the central bank heist.

"This is an interesting issue that we've come to know," said the senior police official, who declined to be identified further. "We'll have to look into it."

News of these attacks has tested faith in the security of SWIFT, a key conduit for global financial transactions that is used by more than 11,000 banks and other institutions.

Regulators and banks have already implemented reviews of SWIFT security measures to determine whether other banks could be vulnerable to similar attacks. SWIFT spokesperson Natasha de Teran declined to comment on the Sonali case.

"We are actively looking into other possible instances of such fraud, but we will not comment on individual entities," she said.

Bangladesh's Anti Corruption Commission, which investigated the Sonali case, did not have an immediate comment.

 
 

SWIFT to unveil new security plan after BB heist

মঙ্গলবার, ২৪ মে ২০১৬

24 May 2016 The SWIFT secure messaging service that underpins international banking said it plans to launch a new security programme as it fights to rebuild its reputation in the wake of the Bangladesh Bank heist.

The Society for Worldwide Interbank Financial Telecommunication (SWIFT)'s chief executive, Gottfried Leibbrandt will tell a financial services conference in Brussels that SWIFT will launch a five-point plan later this week.

Also READ: Bangladesh Bank heist trail goes cold in Manila as probes falter

Banks send payment instructions to one another via SWIFT messages. In February thieves hacked into the SWIFT system of the Bangladesh central bank, sending messages to the Federal Reserve Bank of New York allowing them to steal $81 million.

The attack follows a similar but little noticed theft from Banco del Austro in Ecuador last year that netted thieves over $12 million and a previously undisclosed attack on Vietnam's Tien Phong Bank that was not successful.

READ more: SWIFT tells banks to share information on hacks

The crimes have dented the banking industry's faith in SWIFT, a Belgium-based co-operative owned by its users.

The Bangladesh Bank hack was a "watershed event for the banking industry", Leibbrandt will say.

"There will be a before and an after Bangladesh. The Bangladesh fraud is not an isolated incident ... this is a big deal. And it gets to the heart of banking."

SWIFT wants banks to "drastically" improve information sharing, to toughen up security procedures around SWIFT and to increase their use of software that could spot fraudulent payments.

SWIFT will also provide tighter guidelines that auditors and regulators can use to assess whether banks' SWIFT security procedures are good enough.

Leibbrandt will again defend SWIFT's role, saying the hacks happened primarily because of failures at users. However, some finance industry executives say SWIFT has not been as active as it should be in improving security.

Users frequently do not inform SWIFT of breaches of their SWIFT systems and even now, the co-operative has not proposed any sanctions for clients who fail to pass on information, which SWIFT itself says is key to stopping future attacks.

Some critics say SWIFT should also be more active in auditing clients and be ready to cut off members whose security is not up to scratch.

But the messaging service says other authorities also have a role.

"SWIFT is not all-powerful, we are not a regulator and we are not a policeman," Leibbrandt will say.

Former SWIFT Chief Executive Leonard Schrank said it appeared that SWIFT's security efforts had not kept pace with the criminals increased sophistication and that the co-operative needed to work hard to restore its reputation.

"They really have to earn that credibility back," he told Reuters.

 
 

BB official's computer was hacked to carry out $81 million heist, says Bangladesh’s ambassador to Philippines

বৃহস্পতিবার, ১৯ মে ২০১৬
19 May 2016 A Bangladeshi central bank official's computer was used by unidentified hackers to make payments via SWIFT, and carry out one of the biggest-ever cyber heists, a Bangladeshi diplomat said on Thursday at the end of a Philippine Senate inquiry.

Print Friendly and PDF
0


1

0

There were certain indications about who the hackers were, Bangladesh Ambassador John Gomes told a panel looking into how the $81 million in stolen money ended up in the Philippines, citing information shared by the US Federal Bureau of Investigation.

Gomes said the hackers were neither in the Philippines nor in Bangladesh, but he had no other information.

"One of our bank officials who is in the group that makes payments, that passes the payment instructions, his computer was hacked," Gomes said.

"It was a Friday when the attack happened and the Bangladesh central bank is totally shut down. It was all sealed and no one goes to the bank on that day."

There was no evidence directly linking anyone in Bangladesh to the February cyber heist, Gomes said.

 

Bangladesh's ambassador John Gomes with Philippines Senator Teofisto Guingona Jr.

Bangladesh's ambassador John Gomes with Philippines Senator Teofisto Guingona Jr.

The hackers sent fraudulent messages, ostensibly from the central bank in Dhaka, on the SWIFT system, to the New York Federal Reserve seeking to transfer nearly $1 billion from Bangladesh Bank's account there.

Most of the transfers were blocked but about $81 million was sent to a bank in the Philippines. It was moved to casinos and casino agents and much of it is missing.

Ralph Recto, one of the Philippine senators leading the investigation, said in April Chinese hackers were likely to have pulled off the heist, citing a network of Chinese people involved in routing the stolen funds through Manila.

China has dismissed the suggestion.

Bangladesh Bank officials have said they believed SWIFT, and the New York Fed, bear some responsibility for the cyber heist, but SWIFT has rejected the suggestion.

The Philippine inquiry has helped recover $15 million of the stolen funds, but the head of the Philippine anti-money laundering council, Julia Abad, said it would take three to five months before the money, now subject of a forfeiture case, could be returned to Bangladesh.

Senators wrapped up their investigation on Thursday but they were nowhere near finding the truth of what happened as they were hamstrung by the country's strict bank secrecy laws and as casinos fall outside the ambit of the anti-money laundering law.

 
 

'SWIFT technicians left BB vulnerable to hackers'

সোমবার, ০৯ মে ২০১৬

09 May 2016 Bangladesh's central bank became more vulnerable to hackers when technicians from SWIFT, the global financial network, connected a new bank transaction system to SWIFT messaging three months before a $81 million cyber heist, Bangladeshi police and a bank official alleged.

The technicians introduced the vulnerabilities when they connected SWIFT to Bangladesh's first real-time gross settlement (RTGS) system, said Mohammad Shah Alam, the head of the criminal investigation department of the Bangladesh police who is leading the probe into one of the biggest cyber-heists in the world.

"We found a lot of loopholes," Alam said in an interview in Dhaka. "The changes caused much more risk for Bangladesh Bank."

He and a senior central bank official said the SWIFT employees made missteps in connecting the RTGS to the central bank's messaging platform.

The technicians did not appear to have followed their own procedures to ensure the system was secure, according to the Bangladesh Bank official, who said he was not authorized to publicly comment because of the ongoing investigation.

Because of this, SWIFT messaging at the central bank was widely accessible, including remote access with only a simple password, police said. It had no firewalls and only a rudimentary switch.

"It was the responsibility of SWIFT to check for weaknesses once they had set up the system. But it does not appear to have been done," said the bank official.

SWIFT's chief spokeswoman Natasha de Teran said she had no comment on the allegations by authorities in Bangladesh. She also declined comment on any aspect of the Bangladesh project, including whether the firm had deployed any employees or outside contractors to Bangladesh Bank.

Reuters was not able to independently verify the allegations by Bangladeshi officials about the SWIFT technicians. If they are validated, however, that could undermine confidence in the cooperative that is the backbone of global financial transactions.

The officials in Dhaka discussed their findings with Reuters ahead of a meeting this week in Basel, Switzerland where Bangladesh Bank officials have said their governor and a lawyer appointed by the bank will discuss recovery of about $81 million stolen by the hackers with the head of the Federal Reserve Bank of New York and a senior executive from SWIFT.

Bangladesh Bank officials have said they believed SWIFT, and the New York Fed, bear some responsibility for the February cyber heist. SWIFT has declined comment on that claim.

"NO INHERENT RISK"

The RTGS, which enables domestic banks and the central bank to settle large transfers between themselves, was installed at Bangladesh Bank in October last year and then connected to SWIFT. In February, hackers sent fraudulent messages, ostensibly from the central bank in Dhaka, on the SWIFT system to the New York Fed seeking to transfer nearly $1 billion from Bangladesh Bank's account there.

Most of the transfers were blocked but about $81 million was sent to a bank in the Philippines and much of that money remains missing.

A spokesman for Bangladesh Bank declined comment on the investigation into the heist.

He said, however, that RTGS continued to work well, noting that a large number of countries use SWIFT messaging for similar systems. "There is no inherent risk in this," he said.

According to the Bangladeshi police, the technicians linked the RTGS to SWIFT computers on the same network as about 5,000 central bank computers that are accessible from the open Internet.

Instead, they should have set up a separate local area network, or LAN, that could not connect to the rest of the bank or the Internet, police said.

The technicians also failed to install a firewall between the RTGS and the SWIFT room so that the bank could block malicious traffic from coming into the facility.

When they installed a networking switch to control access to SWIFT, they chose to use a rudimentary old one they had found unused in the bank, rather than a more sophisticated, managed switch that gave the bank the ability to control access to the network, police said.

REMOTE ACCESS

During the job, the technicians set up a wireless connection so they could access computers in the locked SWIFT room from other offices inside the bank. When they finished, they failed to disconnect the remote access, which was only secured with a simple password, police and the bank official said.

They also failed to disable a USB port on the computer attached to the SWIFT system, as is usual for critical networks to prevent malicious software from being installed through a tainted thumb drive, police said.

Police did not provide any evidence for any of the assertions.

But another central bank official familiar with the SWIFT room operations confirmed that the port was "active" until the heist came to light. He had no explanation.

The hackers used malicious software to modify the SWIFT messaging software to help hide their tracks.

Bangladeshi police said they have asked SWIFT to facilitate interviews with the SWIFT technicians. "Whether it is intentional or negligence, we are trying to find out," said Alam.

SWIFT, or the Society for Worldwide Interbank Financial Telecommunication, is used by about 8,000 banks around the world to order funds transfers and other communications. It is connected to RTGS systems installed at scores of banks worldwide, and there have been no reports of problems elsewhere with connections between those two systems.

The US FBI, which is leading investigations into the case, has made no comment so far.

New York Fed executive Richard Dzina said at a conference last week that bank workers "acted properly" in releasing the funds. The system was penetrated, he said, because the hackers had acquired valid credentials to order the transfers

Former central bank governor Mohammed Farashuddin, who is heading an internal probe by Bangladesh Bank into the heist, said SWIFT needed to review its technology in the wake of the heist.

"It seems to be a case of extreme carelessness," he told Reuters. He declined to provide more details saying a final report was due in the next few weeks.

 
 

Ecnec okays Tk 34,988cr Padma bridge rail link project

মঙ্গলবার, ০৩ মে ২০১৬

03 May 2016 The Executive Committee of the National Economic Council (Ecnec) today approved the much-talked about Tk 34,988 crore project of Padma Bridge rail link from Dhaka to Jessore.

Of the total, the government will finance Tk 10,239 crore while China Tk 24,749 crore.

The Ecnec meeting, which is presided over by Prime Minister Sheikh Hasina, set a target to implement the project by 2022.

 
 

World Bank questions Bangladesh government’s growth forecast

শনিবার, ৩০ এপ্রিল ২০১৬
30 April 2016 The World Bank lauded Bangladesh’s progress during the ongoing 2015-16 fiscal, but doubted the government’s forecast of a 7 percent growth in the country’s gross domestic product (GDP).

Print Friendly and PDF
0


0

0

According to the global lender, all the key macroeconomic indicators, except for export earnings, show a negative trend during the fiscal.

On Saturday, its Dhaka office launched the report ‘Bangladesh Development Update.’

After the government said that Bangladesh would grow by over 7 percent by the end of the current fiscal, the World Bank has been expressing doubts.

Both Finance Minister AMA Muhith and Planning Minister AHM Mustafa Kamal have said that the multilateral agency’s forecast is not always accurate.

In its January 2016 ‘Global Economic Prospects’ report, the World Bank said that Bangladesh ‘s GDP growth would stand at 6.7 percent.

Speaking to the media on Saturday, WB Dhaka office’s Lead Economist Zahid Hussain, however, said Bangladesh’s GDP will grow by 6.7 percent in the next 2016-17 fiscal.

“The latest data released by government shows negative trend in all indicators except exports,” he said.

Referring to growth forecasts by several organisations, he said, “Some predict 6.3, some 6.6 and then again there are forecasts of 6.8 while the government says 7.05.

“All of them are over six. Whatever it may be, it’s one of the highest growths across the globe.”

 
 

ESCAP projects 6.8% growth for 2016

বৃহস্পতিবার, ২৮ এপ্রিল ২০১৬

28 April 2016 In contrary to the government’s growth expectation of beyond 7 percent for 2016, a United Nations body today said it would not exceed 6.8 percent.

UN’s Economic and Social Commission for Asia and the Pacific (ESCAP) made the projection on the basis that “global exports are down especially in the Europe.”

The UN’s regional development arm for Asia-Pacific region made the observation in a report published at IDB Bhaban in Dhaka’s Agargaon this morning.

Finance Minister AMA Muhith had aimed at 7 percent growth when he laid down the budget for 2015-16. This month, Bangladesh’s stats division has released provisional data for 2015-16 stating that growth will exceed 7 percent.

 
 

BB heist: Attackers ‘hacked SWIFT software’

সোমবার, ২৫ এপ্রিল ২০১৬

25 April 2016 The attackers who stole $81 million from the Bangladesh central bank probably hacked into software from the SWIFT financial platform that is at the heart of the global financial system, said security researchers at British defense contractor BAE Systems.

SWIFT, a cooperative owned by 3,000 financial institutions, confirmed to Reuters that it was aware of malware targeting its client software. Its spokeswoman Natasha Deteran said SWIFT would release on Monday a software update to thwart the malware, along with a special warning for financial institutions to scrutinize their security procedures.

The new developments now coming to light in the unprecedented cyber-heist suggest that an essential lynchpin of the global financial system could be more vulnerable than previously understood to hacking attacks, due to the vulnerabilities that enabled attackers to modify SWIFT’s client software.

Deteran told Reuters on Sunday that it was issuing the software update “to assist customers in enhancing their security and to spot inconsistencies in their local database records."

The software update and warning from Brussels-based SWIFT, or the Society for Worldwide Interbank Financial Telecommunication, come after researchers at BAE (BAES.L), which has a large cyber-security business, told Reuters they believe they discovered malware that the Bangladesh Bank attackers used to manipulate SWIFT client software known as Alliance Access.

BAE said it plans to go public on Monday with a blog post about its findings concerning the malware, which the thieves used to cover their tracks and delay discovery of the heist.

The cyber criminals tried to make fraudulent transfers totaling $951 million from the Bangladesh central bank's account at the Federal Reserve Bank of New York in February.

Most of the payments were blocked, but $81 million was routed to accounts in the Philippines and diverted to casinos there. Most of those funds remain missing.

Investigators probing the heist had previously said the still-unidentified hackers had broken into Bangladesh Bank computers and taken control of credentials that were used to log into the SWIFT system. But the BAE research shows that the SWIFT software on the bank computers was probably compromised in order to erase records of illicit transfers.

Deteran reiterated on Sunday that "the malware has no impact on SWIFT’s network or core messaging services."

The SWIFT messaging platform is used by 11,000 banks and other institutions around the world, though only some use the Alliance Access software, Deteran said.

SWIFT may release additional updates as it learns more about the attack in Bangladesh and other potential threats, Deteran said.

SWIFT is also reiterating a warning to banks that they should review internal security.

“Whilst we keep all our interface products under continual review and recommend that other vendors do the same, the key defense against such attack scenarios is that users implement appropriate security measures in their local environments to safeguard their systems,” Deteran said.

Adrian Nish, BAE's head of threat intelligence, said he had never seen such an elaborate scheme from criminal hackers.

"I can't think of a case where we have seen a criminal go to the level of effort to customize it for the environment they were operating in," he said. "I guess it was the realization that the potential payoff made that effort worthwhile."

A Bangladesh Bank spokesman declined comment on BAE's findings.

A senior official with the Bangladesh Police’s Criminal Investigation Department said that investigators had not found the specific malware described by BAE, but that forensics experts had not finished their probe.

Bangladesh police investigators said last week that the bank's computer security measures were seriously deficient, lacking even basic precautions like firewalls and relying on used, $10 switches in its local networks.

Still, police investigators told Reuters in an interview that both the bank and SWIFT should take the blame for the problems.

"It was their responsibility to point it out but we haven't found any evidence that they advised before the heist," said Mohammad Shah Alamo, head of the Forensic Training Institute of the Bangladesh police's criminal investigation department, referring to SWIFT.

THWARTING FUTURE ATTACKS

The BAE alert to be published on Monday includes some technical indicators that the firm said it hopes banks could use to thwart similar attacks. Those indicators include the IPaddress of a server in Egypt the attackers used to monitor use of the SWIFT system by Bangladesh Bank staff.

The malware, named evtdiag.exe, was designed to hide the hacker's tracks by changing information on a SWIFT database at Bangladesh Bank that tracks information about transfer requests, according to BAE.

BAE said that evtdiag.exe was likely part of a broader attack toolkit that was installed after the attackers obtained administrator credentials.

It is still not clear exactly how the hackers ordered the money transfers.

Nish said that BAE found evtdiag.exe on a malware repository and had not directly analyzed the infected servers. Such repositories collect millions of new samples a day from researchers, businesses, government agencies and members of the public who upload files to see if they are recognized as malicious and help thwart future attacks.

Nish said he was highly confident the malware was used in the attack because it was compiled close to the date of the heist, contained detailed information about the bank's operations and was uploaded from Bangladesh.

While that malware was specifically written to attack Bangladesh Bank, "the general tools, techniques and procedures used in the attack may allow the gang to strike again," according to a draft of the warning that BAE shared with Reuters.

The malware was designed to make a slight change to code of the Access Alliance software installed at Bangladesh Bank, giving attackers the ability to modify a database that logged the bank's activity over the SWIFT network, Nish said.

Once it had established a foothold, the malware could delete records of outgoing transfer requests altogether from the database and also intercept incoming messages confirming transfers ordered by the hackers, Nish said.

It was able to then manipulate account balances on logs to prevent the heist from being discovered until after the funds had been laundered.

It also manipulated a printer that produced hard copies of transfer requests so that the bank would not identify the attack through those printouts, he said.

 
 

ADB to give Tk 13,115cr for Trans-Asia rail corridor

মঙ্গলবার, ১৯ এপ্রিল ২০১৬

19 April 2016 The Asian Development Bank will provide Tk 13,115 crore loan for implementing a rail route project which will connect Bangladesh to the east and west.

The Executive Committee of the National Economic Council (Ecnec) today approved the Single line Dual-Gauge Rail Route Project costing about Tk 18,034 crore, Planning Minister AHM Mustafa Kamal told journalists this afternoon.

The project will connect Dohajari of Chittagong with Dumdum in Cox’s Bazar via Ramu with rail routes which will be linked to Trans-Asia Railway corridor in Myanmar, the planning minister said.

He briefed the journalists about the outcome of the Ecnec meeting held at the the National Economic Council (NEC) conference hall in Sher-e-Bangla Nagar, Dhaka.

The Trans-Asian Railway (TAR) Friday will connect the country's rail system to a 81,000km network stretching from Europe to East and South-East Asia.

 
 

RMG: 49.5% remediation works completed

বুধবার, ১৩ এপ্রিল ২০১৬

13 April 2016 A 49.5 percent remediation works in the factories under the Alliance for Bangladesh Worker Safety (Alliance) have been completed, as recommended by the experts to ensure workplace safety, according to a report by the Alliance.

A total of 24 factories have fully completed the remediation works as the Alliance has entered into its third year, the Alliance progress report said.

The inspection agency released its progress report globally today.

Alliance, a platform of 28-North American retailers and brands for factory inspection and remediation in Bangladesh will function here up to June 2018.

According to the report, due to progress in the remediation the incidence of serious fires in the garment factories has dropped significantly since 2012.

The Bangladesh Fire Service & Civil Defence states that the number of fires in the garment factories fell by almost 90 percent between 2012 and 2015.

There were 250 garment factory fires in Bangladesh in 2012 — with an average of five fires per week which took 115 lives. Last year, there were just 30 such fires, none of which resulted in death, the report said.

“While the number of ready-made garment factories sent to the review panel or suspended is small (5 percent out of 677 active factories), all Alliance factories require some form of remediation to fully meet our safety standards,” the report also mentioned.

During the inspection, the Alliance recommend for the complete closure of factories that demonstrated structural deficiencies that we deem to be critical.

The decision of full or partial closure of any factory has to be based on the recommendation by the review panel, which is constituted with the representatives of Alliance, government officials, rights groups and garment makers’ associations.

The Alliance said following the inspection of nearly 700 factories — that it has recommended a total of 36 factories to the review panel for closure.

Of these, one has relocated to a new structure and 13 are actively undergoing repair; the remaining 22 have either been closed permanently or suspended.

“We have also started cutting ties with factories that are not making adequate progress on remediation. To date, we have suspended 77 factories — and their status is publicly reported,” the Alliance said.

The Alliance has set up a helpline for the workers in 643 factories where a total of 8,66,702 workers are employed. So far 55,544 calls have been received by the helpline. A total of 6,500 displaced workers have been compensated by the Alliance so far.

The Alliance has trained 1.2 million workers and re-trained 4,20,000 workers on fire safety and 20,000 security guards on evacuation training.

“Progress remedying factory safety issues is significant, but remains slower than projected,” the Alliance report said.

Factors such as political unrest, a lack of qualified engineers, the time consuming yet required import of vital safety equipment not available in Bangladesh, and natural disasters such as the 2014 earthquake in neighboring Nepal have all imposed delays to the remediation process.

Another factor is the real need to amend our protocols to address the realities on the ground when new challenges arise.

For example, we did not previously require Alliance approval of factory documentation of hydrant and sprinkler design.

However, during our remediation verification visits, we came to learn that many systems were not being designed or installed correctly.

As an example, a fire occurred on February 23, 2016 in the Pretty Sweaters Ltd factory, which had just entered the Alliance process, but had previously done some remediation work.

Thankfully, there were no casualties as a result of this fire — the factory had improperly installed a poorly designed sprinkler system before coming on-line with the Alliance.

Fortunately, the fire doors and hydrants had been remediated properly and were able to contain the fire long enough to allow the fire service to arrive.

“This case reinforces our requirement that factories get design approval from our team before beginning physical remediation,” the report said.

 
 

Page 1 of 6

Joomla Templates and Joomla Extensions by JoomlaVision.Com
Joomla Templates and Joomla Extensions by JoomlaVision.Com

Wide Reading

Calendar

June 2017
SMTWTFS
123
45678910
11121314151617
18192021222324
252627282930

অর্থনীতি

Demo JV Right

আর্কাইভ

< June 2017 >
Mo Tu We Th Fr Sa Su
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30