Cyber Incidents in Nepal

  • 7th Jun 2021
  • Onecover

Internet users have reached 20 million in Nepal. Cybercrimes rise more and more every year and it's not slowing down. With the pandemic, it's even growing more rapidly globally. Cyber incidents try to expose, modify, delete or steal valuable information. They attack everyone from low to high business companies. These are the type of incidents that usually occurs:

1.    To gain unauthorized access to a system

2.    For the processing or storing of data unauthorized use of systems

3.    Modifying systems firmware, software, or hardware without the system owner's consent.

4.    Either Malicious disruption or denial of service. 

It is said that cybercrime came into the spotlight in 2013. Even though the exact first cyber incident of Nepal is unknown, here are some of the early crimes that took place in Nepal:

  • In July 2013, a young woman fell victim to online swindling. She transferred Rs. 110,000 for an online air booking. She got back only Rs. 15,000.
  • Reported first Cyberbullying case on Kathmandu School of law on October 7, 2014
  • In 2016, an 18-year old boy operated Anonymous #Opnep to hack government websites 
  • A group of Turkish hackers breached the official website of the Department of Passport On June 27, 2017.
  • Biggest breaches of all times in Nepal, when Paradox Cyber Ghost hacked 58 government websites On July 25, 2017. 
  • An unidentified hacker hacked the SWIFT system of NIC Asia Bank on October 23, 2017. Hacker caught USD 4.4 million but the bank recovered USD 4 million.
  • Onlinekhabar news portal was accessed by a third party on November 28, 2017.
  • Narpichas @paapi_kto_mah, Twitter handler leaked the customer data of more than 160,000 customers of Vianet Communication on April 8, 2020, 
  • Similarly from Twitter Mr. Mugger, hacked and dumped data of 50,000 users of Foodmandu on March 8, 2020.
  • In September 2020, Five Chinese nationals hacked NEPS (Nepal Electronic Payment System). Nepal police arrested them trying to withdraw cash with cloned debit cards.

Likewise, many incidents have been reported. From famous Celebrity facebook hack to websites and ATM hacks. While many of them still unreported and out of the media reach. According to official statistics from 2018-2019, Recorded cases of cybercrime are 180 were 125 from Kathmandu and 55 from outside the valley.

Cyber incidents Prevention

  • Train your staff: ask them to check links, email addresses and double-check before granting requests
  • Keep your software and systems fully up to date: don't give a hacker a chance to exploit weakness 
  • Ensure Endpoint Protection: Protect your remotely working devices
  • Install a Firewall: to block brute force attacks
  • Backup your data: to avoid downtime
  • Control access to your systems: secure your office environment
  • Wi-Fi Security: Hide your Wi-Fi 
  • Employee personal accounts have a separate login for each staff member. 
  • Access Management: block staffs from accessing or installing network 
  • Passwords: have different passwords for every application

Cybersecurity Organizations and Companies in Nepal

The demand of cybersecurity increases with an increase in internet usage in almost all the business. Before investing in cybercrime was considered a waste of money. Currently, there's a cyber bureau to investigate these crimes. About 60 men and about 10 women work professionally in the field. Meanwhile, over 120 people include the students and junior workforce associated with the field. 

Though some reported incidents included ATM attacks, ransomware, spear phishing, privacy leaks. Furthermore, social media-related crimes were reported such as harassment; identity theft, child pornography, and dissemination of false information.

Some of the private organizations working in cybersecurity

1.    One Cover Pvt Ltd. It provides services like Security Consulting, Incident Response, Security Assessment, and Managed Security.

2. npCert: Information Security Response Team Nepal

Cyber Security in Nepal

Promote security awareness across industry, academia & public sector

Research and analysis of cybersecurity incidents

Gather and disseminate technical information on cybersecurity

3. Center For Cybersecurity Research and Innovation

CSRI can clearly determine cybersecurity issues and turn out applicable solutions and justify those solutions during an approach that everybody will perceive.