The ransomware group “KillSec” has once again made headlines by attacking “বঙ্গবন্ধু সরকারি কলেজ, তারাকান্দা, ময়মনসিংহ” and stealing sensitive data from the institution. The group posted the breach on their Dark Web site on October 4th, showcasing their control over a wide range of data, including file system structure, student records, academic data, and even the framework of the college’s application systems. With a countdown set for 7 days, 2 hours, and 59 minutes before the full release of the data, KillSec has yet to disclose their ransom demands.
This attack adds to KillSec’s growing reputation as a significant cyber threat in Bangladesh. Earlier this year, the group also targeted a major financial organization, demonstrating their focus on high-impact sectors.
Data Stolen
According to KillSec’s description, the data they have taken includes:
- File system structure, directory names, and file names
- Application framework structure and database information
- Error logs and configuration files
- Student records, including academic data and course information
- Student names, exam dates, subject names, grade levels, student IDs, and marks/scores
- Institutional details like academic years, class sections, and curriculum details
This is not KillSec’s first attack on a Bangladeshi institution. Earlier this year, they targeted a Bangladeshi financial organization, marking a significant breach that sent ripples through the country’s cybersecurity landscape. The recent attack on Bangabandhu Government College only strengthens their track record as one of the most dangerous cyber groups threatening Bangladesh’s digital infrastructure.
KillSec’s latest attack comes amidst rising concerns about the security of educational institutions in Bangladesh.According to The National Attack Surface (NAS) report for the first half of 2024, highlights an alarming trend: 56.6% of all cyberattacks in Bangladesh targeted educational institutions. This points to a major negligence in maintaining and updating school websites, leaving them vulnerable to such high-profile attacks.
Additionally, 32.4% of the attacks during this period were directed at government websites, many of which showed critical security weaknesses. The remaining 11% of attacks affected privately owned or business websites, further demonstrating the widespread nature of cyber threats in the country.
Attack Patterns
The NAS report also outlined the primary patterns of attacks across Bangladeshi websites:
- 51.6% of websites were defaced by attackers, damaging their public image and causing operational issues.
- 27.85% suffered DDoS attacks, disrupting services and access to vital resources.
- 13.24% experienced massive data breaches, potentially leaking sensitive information to unauthorized parties.
- 7.31% of the websites were still vulnerable as attackers had ongoing access to their administrative panels.
The attack on Bangabandhu Government College by the KillSec ransomware group serves as a harsh reminder of the growing vulnerabilities within Bangladesh’s digital landscape, particularly in the education sector. With the group threatening to release sensitive academic and institutional data, the urgency for stronger cybersecurity measures has never been clearer. The National Attack Surface (NAS) showed us a troubling picture of how educational institutions and government websites are frequent targets due to poor maintenance and outdated security protocols.As cyberattacks become more frequent and sophisticated, it is crucial for all sectors to prioritize cybersecurity, regularly update their systems, and train staff to respond effectively to threats. The work of organizations like BCSI in highlighting these risks and offering solutions is vital in the fight against these cybercriminals.
