58 govt websites ‘hacked to test vulnerability’In what seems to be one of the biggest breaches of government computer systems, as many as 58 websites were reportedly hacked on Sunday by a group that called itself “Paradox Cyber Ghost”.
In what seems to be one of the biggest breaches of government computer systems, as many as 58 websites were reportedly hacked on Sunday by a group that called itself “Paradox Cyber Ghost”.
The group subsequently posted a status on Facebook, along with a list of government websites, including the Ministry of Defence, Office of the Auditor General and Nepal Law Commission, that it had hacked.
“Anonymous Hacker Arrived. ‘Security is just an illusion’ to us coz we are unbeatable,” the hacked websites read.
While some of the websites that were said to have been hacked were up and running by Monday evening, most of them remained suspended.
The hacker’s group—“Paradox Cyber Ghost”—in a Facebook conversation with the Post claimed that the act was just a “vulnerability test” and that it did not have any other motive.
The group claimed that it has five members and that none of them are Nepalis.
“We hacked all your sites in three minutes,” the group said.
Asked why it targeted government computer systems, the group said: “Because government sites are most popular ones among us hackers.”
This, however, is not the first instance in which hackers have targeted government agencies. In July 2015 the official website of President of Nepal was hacked. A website of the Department of Passports was hacked last month.
Reacting to the breach of government computer systems, the Ministry of Science and Technology on Monday formed a committee under Birendra Kumar Mishra, director general of the Department of Information Technology, to look into the matter.
The three-member committee has been given three days to make necessary recommendations to prevent hacking in future.
“We have concluded that such activities have been recurring as the government websites lack uniformity and are handled in a haphazard manner,” said Ram Adhar Shah, joint secretary at the Ministry of Science and Technology.
“But there is no need to worry,” said Shah, adding that confidential documents are not uploaded on government websites.
“Almost all the government agencies put general public notices, acts and policies and programmes on their websites. So chances of stealing government secret are unlikely. This, however, doesn’t mean we shouldn’t take initiatives to prevent such cyberattacks,” he added.
The hack, however, has exposed the vulnerability of government computer systems.
Binod Dhakal, president of Computer Association of Nepal (CAN) Federation, said hackers have succeeded in stepping into the government territory due to the state’s apathetic attitude towards the Information and Communication (IT) sector.
“Cyberattack is a global phenomenon and least developed countries are more vulnerable to it. The government should scale up security in the cyber space to prevent such incidents from taking place in future,” said Dhakal. He added that the CAN Federation had earlier recommended that the government use www.nepal.gov.np as the central website and redirect all others websites through it so that the websites can be better protected.
The Central Investigation Bureau of Nepal Police, meanwhile, said it was unaware of the development.