Biman’s email server down with ransomware

Biman’s email server was attacked with ransomware on Friday and the organisation has yet been unable to recover it.

Multiple top officials of Biman wishing anonymity told The Daily Star today that they have been unable to communicate with their colleagues since Saturday.

Ransomware is a type of malware that accesses data and threatens to publish it, or permanently blocks access to it unless a ransom is paid. This ransom can go up to hundreds of thousands of dollars.

At the moment, the ransomware has access to all the emails sent by every single official in Biman, including sensitive information about aeroplanes, routes, crew, pilots, airports, schedules, passengers, purchase, billing, procurement etc.

Biman was declared a critical information infrastructure last year in October, considering the nature of the organisation.

According to the Digital Security Act, these infrastructures are those that control, process, circulate or preserve any information-data or electronic information that if damaged or critically affected, may adversely affect public safety, financial security, public health, national security or national integrity, and sovereignty.

Biman Managing Director and CEO Shafiul Azim said that the malware encrypted the mail server.

However, the server dealing with ticket reservations, ticketing, and checking in has not been affected.

“Everyday I need to communicate with different stakeholders both inside and outside the country through Biman’s email. But I have been in the dark for the last two days,” said the Biman official.

Another official also said, he couldn’t communicate with the outside world due to the disruption in Biman’s email server. This includes their outstations in international airports.

“We are almost dysfunctional without communicating through our email,” he said, adding, some officials are trying to carry out their work manually.

However, Azim claimed that what happened in Biman’s email server was not hacking.

He also claimed that no data or information was stolen.

Asked whether hackers demanded any ransom, the Biman boss said, “It was not a case of hacking.”

Azim said, “Immediately after the incident, our IT team started recovering the system and communication through our email server has already started in a small scale.”

Another Biman official late last night said the access to the server has not been restored.

The punishment for hacking such infrastructure is life imprisonment.

However in spite of the seriousness of the matter, Biman is yet to notify the Digital Security Agency, confirmed its director (operations) Md Aminul Ehsan.