On February 2016, five transactions issued by security hackers, worth $101 million and withdrawn from a Bangladesh Bank account at the Federal Reserve Bank of New York. [Dridex malware was used for this attack].
Early in May 2016 , A Turkish hacker group dumped a considerable amount of secured consumer data of three Bangladeshi commercial banks online. The file archives posted
312KB for the DBBL,
11.2MB for City Bank and
95KB for the Trust Bank, respectively.
City Bank’s
11.2MB dump has a single spreadsheet, which appears to contain the personal information of
at least 1 million bank customers . Details include –
full name, father’s name, mother’s name, date of birth, age, mailing address, contact number, permanent address and email. I made a huge research on Google after this.
Out of my 35 years of experience in IT, I have developed an impression that the organizations are never willing to invest in IT security until and unless they are targeted and fallen as victims. What is more important is to make the system bulletproof and to defend further attacks by raising awareness.
This is why I think working with Security Software Development is profitable in Bangladesh’s perspective.
It's not necessary for everyone to get into hacking!We can develop our apps so secure that it needs afford and professional skills to be hacked.
<?php echo "As no system is 100% secured"; ?>So, how do you start?
A Security Software Developer should be familiar with the ins and outs of computers and know a little bit about everything in the IT domain.
For this you have to
- Learn about Windows and Linux. Use VirtualBox and VMware to practice this.
- Learn about networking concepts like IP address, subnets, TCP/IP, OSI model, LAN,WAN
- Learn about functions of switch, router, firewall, access point etc.
- Learn about DNS, DHCP, SNMP, ARP, NAT.
- Learn about HTTP, FTP, Telnet, RDP, SSH, POP, SMTP, SSL, NetBios.
-
Security Software Developers are expected to have a bachelor’s degree in Computer Science or the equivalent (e.g. Math, Network Technology, Electrical Engineering, Software Engineering etc.). You can supplement this degree with certifications and on-the-job training.
A master’s degree is a plus, but is not considered mandatory. Employers will be focusing on your hard skills and my years of experience in software development.
Certificates:• ECSP: EC-Council Certified Secure Programmer
• CSSLP: Certified Secure Software Lifecycle Professional
• GSSP-JAVA: GIAC Secure Software Programmer-Java
• GWEB: GIAC Certified Web Application Defender
• GSSP-.NET: GIAC Secure Software Programmer- .NET
• CEH: Certified Ethical Hacker
• CES: Certified Encryption Specialist
Skills• Windows, UNIX and Linux operating systems
• C, C++, C#, Java, ASM, PHP, PERL
• TCP/IP-based network communications
• IP security
• Relational databases (e.g. SQL, MySQL, SQLite, etc.)
• Hypervisors (e.g. VMware, KVM, etc.)
• Python Experience in HTML/CSS
• XML/Web Services, AJAX
• Cloud computing
If you are interested you can Google more about it.
All the information here is collected by me (SMN Shuvo). Have a good day!