Defending digital frontierNepal must catch up to overcome vulnerability to the escalating threats of cyber-attacks
On Sunday, a hacker group dubbed Paradox Cyber Ghost (PCG) allegedly executed a widescale cyber-attack on the government. PCG took to Facebook to brag about its infiltration of government computer systems and published a list of 58 websites that it hacked, including that of the Ministry of Defence, Office of the Auditor General and Nepal Law Commission. Some of the sites included in the list made public by PCG are up and running, leaving room for doubt as to whether PCG managed to breach all 58 websites. However, the website for the Ministry of Defence still had not come back online as of yesterday, lending credence to PCG’s claims.
That an official of the Ministry of Science and Technology stated confidential documents are not uploaded on government websites, thus negating the chances of a government secret being stolen by actors of malevolent intent, is not entirely reassuring. Nepal has embarked on the path to e-governance, and PCG’s breach of government systems has highlighted the state’s vulnerability to cyber-attacks. Personal information of citizens is being processed and stored digitally by the government, and the financial sector is increasingly relying on digitalising accounts. Internet usage has also surged—approximately 58 percent of the country’s population now has access to internet services. This could potentially put a trove of data into the hands of hackers if the cyber system lacks appropriate defences. And as a fledgling in the movement towards e-governance, Nepal’s inexperience in the sector of information and communication makes it all the more vulnerable.
The state’s apathy towards the Information and Communication (IT) sector has to be addressed immediately in a world where cyber security is constantly evolving and the size, sophistication and cost of cyber-attacks are growing. The global scenario is such where the malicious ransomware of Petya/Notpetya and WannaCry have created havoc around the world, halting computers and business operations in almost 100 countries. In 2016 alone, cyber theft cost the global economy more than $450 billion. In a world where cyber-attacks and malware are rapidly developing, Nepal’s Electronic Transaction Act 2006 is thoroughly outdated. It is essential for the state to come up to speed in order to overcome its susceptibility to the escalating threat of cyber-attacks.
PCG’s attacks have spurred the Ministry of Science and Technology to form a three-member committee to look into the breach of government computer systems. But whether this committee can make recommendations that fully address the countless threats presented by cyber-attacks is doubtful. PCG has communicated that it aimed to test the vulnerability of the government computer systems and did not have ulterior motives. If this is truly the case, Nepal has lucked out. Nonetheless, this should be a clarion call for the state to develop the capability to fend off any future cyber-attacks.