Fraudsters take advantage of weak Ctg customs cyber security

Chattogram Bureau :
Chattogram Customs House officials do not mind giving the credentials of an automated revenue software to unauthorised people. Although the software means serious international trade and transport operations, they often log into the system while surrounded by clearing and forwarding (C&F) agents, and sign in to the system from outside of the office. The Customs House authorities do not even deactivate IDs of officials who are no longer with them.
Because of such unthoughtful attitudes some customs insiders having links with cybercriminals have led to breaches of the Chattogram Customs House server time and again, said officials concerned.
The breaches cost the government with either huge import duties in dodged taxes or by providing the scammers with incentives against exports that do not exist.
“There are imminent risks and vulnerabilities in the automated revenue collection. If the issues are not addressed, the purpose of the automation – which improved revenue collection – will remain elusive,” M Fakhrul Alam, commissioner at the Chattogram Customs House, wrote in a letter to the National Board of Revenue on 17 November after detecting at least two breaches in that month alone.
In the latest incident, scammers breached the revenue system to falsely show export of goods worth around Tk12.78 crore. They used the credentials of two customs officers to access the server.
In the letter, the customs commissioner, however, added that his staff are supposed to require one-time password (OTP) for each log-in to Automated System for Customs Data (ASYCUDA) – an integrated customs management system for international trade and transport operations for import, export and transit procedures, but the users still can access to the system without an OTP.
Earlier, the fraudsters unlocked 4,000 consignments worth Tk850 crore from the port using the user ID of a customs officer who had retired four years ago.
They have also used another ID of a retired official to log in to the system 3,681 times. The customs intelligence also found involvement of eight customs officials collaborating with the C&F agents in such scams., said
Altaf Hossain Chowdhury Bachchu, general secretary of the Chattogram Clearing and Forwarding Agents Association, and urged full implementation of the OTP system for every access to the server to prevent frauds and scams. If the OTP requirement had been there, the officials could not have claimed that their credentials had been stolen.”Chattogram Customs Commissioner Fakhrul Alam said, “Such forgeries could not have taken place if the OTP system had been fully operational.”