Computer crimeAs Nepal moves towards a digital democracy, there is a need to develop a safer cyberspace
The threat of cyber terrorism is increasing by the day, forcing nation states to put cyber defence and cyber policing very high on their national security agenda. This year, many democratic countries are already on high alert after having discovered that ISIS is planning to launch deadly cyber-attacks that could possibly take out critical infrastructures like airports, hospitals, financial institutions, nuclear power plants, and electricity supply.
Successful cyber-attacks can be devastating. In 2007, Estonia, one of the most digitised countries in the world suffered a sustained cyber-attack on its information infrastructure that seriously crippled the Baltic democracy for a couple of weeks. The Estonian case shows that highly advanced countries using internet as a critical infrastructure have to be wary of the vulnerabilities and consequences of cyber-attacks.
Keeping in mind the potential devastation successful cyber-attacks could have on society, democracy and the economy, many digitally advanced countries have already put cyber strategies in place and many are in the process of developing one. The UK government is creating the country’s first “cyber force” to combat online threats from terror groups. The post 9/11 US Government has had a cyber-defence strategy for quite some time. The Department of Homeland Security and the Air Force have permanent offices in Silicon Valley. After the 2007 cyber-attack, Estonia developed Cyber Security Strategy and also established the Cyber Security Council with a task of contributing smooth cooperation between various institutions to conduct surveillance.
Another milestone in the cyber security space recently came out of Brussels. The Belgian government approved a proposal to establish CYBERBOL, a non-partisan International Non-Governmental Organisation responsible for policing the cyberspace. CYBERPOL provides communications support and administrative liaison for the law enforcement agencies’ cyber units.
As Nepal prepares to move towards a digital democracy, there is a need for the government to develop strategies that help shape open, vibrant and stable cyberspace so as to promote business over the internet as analysts have predicted that e-commerce will reach $1.1 trillion by 2020. In short, Nepal cannot afford to miss this boat. Furthermore, if the country is to sustain democracy in the digital age, cyber security has to be made a top priority, mainly because cyber-criminal activity will increase as the digital age unfolds.
Nepal’s Cyberwellness low score in the International Telecom Union’s (ITU) recently released Global Cyber-security Index (CGI) shows that the government has not been doing enough. The index measures each country’s level of commitment to cybersecurity by assessing legal, technical, organisational capacity building, cooperation, and measures to protect children online. Nepal scored 0.118, the US 0.825 and Somalia had one of the lowest scores of 0.029. The fact that Nepal’s score is closer to that of a failed state and not a stable democracy is deeply troubling.
The low Cyberwellness score does not come as good news at a time when the country is witnessing an increase in cyber-crime. According to the Nepal Police statistics, the number of cybercrimes reported in the country increased by 105 percent in the fiscal year 2014-15. Even without comprehensive cyber legislations and missing national level cyber security strategy, Nepal Police has been effectively tackling cyber-crimes for more than half a decade and there is a good reason for this. Nepal Police has installed dedicated Cyber Crime Cells, established the Digital Forensic Lab at Police Headquarters-CID, deployed Cyber Cops, and also networked with Interpol and other High-Tech Crime Control Centres. Nepal Police has been lucky in this regard because successive heads of their origanisation have understood the importance of policing in the cyberspace and supported the
On the political side, rhetoric aside, if the government is really serious about harnessing the economic benefits of the Internet, it has to immediately focus on a couple of things. First, establish a ministry dedicated to internet followed by necessary policies and legislations. Second, build an effective partnership to promote information sharing among the government, law enforcement agencies, academia, and industry. Third, develop a capacity to detect cyber-attacks to quickly and effectively protect networks. Fourth, hire and retain cyber-security professionals with the necessary standards and certification. Finally, collaborate with international cyber security agencies.
The government has the main responsibility of taking effective measures to promote growth in the digital sector, and also at the same time secure the cyberspace so that the economic impacts of cyber-attacks are minimal. This can only happen if an effective collaborative framework is developed to promote government’s partnership with other stakeholders because technology is advancing at such a breakneck pace.
The key to successfully fighting cyber-crime is a partnership with academia, mainly because academic institutions train the workforce that will be employed by the industry, governments, and the law enforcement agencies to execute, manage, and monitor cyber operations. Furthermore, it can also play an important role in conducting the much needed research and development of new technologies, standards, and international frameworks by collaborating with the industry.
In a nutshell, countering the next generation of cyber security threats to protect our democratic gains and setup will require a much greater collaboration between the government, law enforcement agencies, industry, and academia.
Kathayat is a Retired Deputy Inspector General of Nepal Police; Pokharel is Head of Department of Computer Science and Engineering, at Kathmandu University; Shah is the co-author of ‘Strategic IT Planning for Public Organizations: A Toolkit’ published by the UN in 2009