National Board of Revenue (NBR) has strengthened the security measures of the Assyakuda World system. On Tuesday (November 19), NBR issued a statement in this regard.
The National Board of Revenue is committed to enhancing cyber security and safe use of all automated systems of the National Board of Revenue besides collection of revenue, NBR said.
It has been said that an unscrupulous gang has submitted a bill of entry on May 20 and redeemed a container of cigarettes using his Asycuda World System ID in the absence of an official working at the Chittagong Customs House. Preliminary investigation revealed that the goods were recovered not by hacking the system but by stealing his ID and password from the official's computer in his absence. As this is a very worrisome and sensitive issue, the National Board of Revenue has taken the initiative to identify the real culprits and their accomplices involved in this malpractice.
An inquiry committee headed by the Director General, Customs Intelligence and Investigation and another headed by a member of the National Board of Revenue is working to take action against the gangs involved in clearance of goods by using stolen ID-passwords of customs officials. It has been said on behalf of NBR that necessary assistance is being taken from the Cyber ​​Crime Unit of Bangladesh Police.
NBR is of the opinion that all the gangs involved in misappropriation of state resources and cyber crimes will be identified and brought under punishment with the help of all the stakeholders and other agencies of the government if required. The National Board of Revenue believes that the actions already taken will make the Asycuda World system more secure and safe.
According to NBR, the reliable and secure system called Asycuda World developed by the UN Conference on Trade and Development and UNCTAD has been used continuously since 1993 by about 100 countries of the world, including the customs authorities of Bangladesh. The National Board of Revenue has taken various steps to strengthen the overall security of the system, including ensuring three levels of security for accessing the Assykuda World system as follows:
The first step in security: password authentication. The official in whose favor the User ID is allotted has to login to the Asycuda World system using his secret password.
Second level of security: Two factor authentication is mandatory with the help of a powerful middleware used in Asycuda World. A One Time Password (OTP) will automatically be sent to the user's verified mobile number after entering the secret password to log-in to the Asycuda World system, without which he will not be able to access the system.
Third step of security: I.P. Address device binding. The IP details of the desktop or laptop used by the authorized user of the Asycuda World System are entered into the system so that the user cannot access the Asycuda World System from any computer or mobile phone other than the specified computer.
In addition to further strengthening the three-step security system, system users of all customs stations have been instructed to use strong passwords to prevent abuse of the Asycuda World system, and automatic password reset every 21 days and cancellation of the previous 3 passwords have been arranged.
Code Singer Certificate is implemented to prevent illegal decryption, re-encryption of Java archive Java files of the system by providing integrity verification and authenticity assurance.
The use of social media is prohibited on computers used in Asycuda World systems.
Bangladesh Computer Council is working on Vulnerability Assessment and Penetration Testing (VAPT). Initiatives will be taken to implement the results of the testing and the recommendations of the Bangladesh Computer Council at the earliest.
