A recent spate of cyber attacks on government websites have revealed large loopholes and cyber vulnerabilities of central agencies that hold information of national importance. Preventing such attacks seems to be possible in the future, but this requires large amounts of funds and a complete revision of the way the government and technological firms handle software and primary websites. Cyber security has now become a global problem and no country, including Third World and least developed countries, is invulnerable. After land, sea, air and space, the pendulum of security threat has swung to another domain: cyberspace.

The Global Cybersecurity Index (CGI) 2017 has given Nepal’s vulnerable cyber wellness a score of 0.275. Likewise, India has a score of 0.683 and Singapore has the highest score of 0.925. With little control over the systems used by Nepali professionals and the data passing through them, Nepal’s homeland security design remains under threat. Particularly, our cyber architecture seems to be prone to three kinds of digital invasions: ‘SQL injection’ means a code injection technique used to attack data-driven applications; another is ‘espionage’, which includes interfering with systems to steal information, and ‘brute force attack’ is an algorithm attack system which searches for vulnerabilities in the system and gains access into it.

Increasingly critical

Information and communication technology (ICT) networks, devices and facilities have become more and more critical for daily life. In 2016, nearly half the world’s population, that is 3.5 billion people, used the web network. One evaluation reveals that there will be more than 12 billion machine-to-machine devices networked to the internet by 2020. Like in the real world, cyber space is also vulnerable to various security pressures that can result in great digital destruction. Web networks regulate the country’s security grid, e-commerce and stock markets, and other data highways. That’s why many developed countries have acknowledged the risk of cyber-attacks on the homeland network infrastructure as one of the biggest threats. An unbelievable number of cyber breaches daily knock out global networks with the cost of trespassed secret information and personal security. And most of the time, the culprit walk outs unidentified.

Originally, the internet was regarded as the hallmark of a new world; now the internet has become an integral part of human existence. Therefore, cyber security should be a primary concern for not just the government but also private enterprises. Individuals too should exercise caution regarding such matters. Nowadays, information is power, and millions of wicked geniuses are prepared to take risks and stake almost anything to get it. On the one hand, many private organisations and governments around the world are warning their staff to think twice before clicking anything received as an email; and on the other hand, hackers have already upgraded to a new strategy of outbreak, targeting social media accounts where there may be a large number of gullible people.

On alert

Now we are on the verge of considering whether the current customer support mechanism, which ensures user security, needs to be restructured. It is also time for mainstream software companies to realise their security obligations towards those agencies that depend on their products and also government bodies entrusted with keeping their information secure. The software we use is upgraded by constructing new systems on an old base, which means our entire cyber world stands on swampy ground.

It is also a tough challenge to access resources to renovate cyber assets without dismantling previous functions. Be it operating systems or other software, updates always come with unwanted features, and people hate to authorise them. For this reason, they ignore updates. In our country, almost all government and private sector offices usually take cyber security as an afterthought, and they hesitate to invest in upgrading to new systems. In the digital world, such negligence will surely make any institution susceptible to cyber-attacks.

For this reason, the government needs to show urgency in adopting advanced internet security systems and recruit skilled IT professionals who won’t leap at another job opportunity after six months. The government also needs to hire independent outside specialists who can measure their security dodges and recommend viable solutions. Instead of hiring IT engineers to perform multidisciplinary tasks including hardware, software and security, the government should redraft its recruitment strategy to hire professional specialists in the related field. Recent security breaches or the so-called ‘vulnerability test’ by Paradox Cyber Ghost is not actually a cyber-war, rather it’s undoubtedly an alert signal that the government of Nepal should immediately act on to protect its digital highways.

Biranchi is pursuing a Master’s degree in International Relation and Diplomacy, Tribhuvan University; Bibhuti is pursuing a Bachelor’s degree in Information Technology, St Xavier’s College