Editorial
Hackers Inc
Security breach in NT should remind govt agencies about the value of cyber securityA group of hackers called Anonymous#opnep has allegedly breached into the server of the Nepal Telecom (NT), the state owned telecommunication service provider.
Although NT officials denied any security breach, the hackers had taken to their Facebook page to claim that they have access to the NT server and released a screenshot of it to prove their claim.
The Information Technology Security Emergency Response Team Nepal, a group of Nepali Information Technology experts, believes that the cyber security system of the NT has been compromised because the NT does not carry out vulnerability assessment audits on a regular basis.
With increasing access to computers and the internet, cybercrimes such as hacking have become a matter of concern for all countries including Nepal. At their worst, hackers pose national security challenges.
The Nepal Police asserts that cyber crimes have been increasing every year in the country—in 2014-15 it went up by 105 percent from the previous year. According to the government’s Electronic Transactions Act, 2008, a computer crime offence can lead to a fine not exceeding Rs 50,000 or imprisonment not exceeding six months, or both, depending on the degree of the offence.
Hacking can be broadly categorised as benevolent or malevolent. Benevolent hackers often uncover security vulnerabilities of systems but have no criminal intent.
The hackers who breached into the NT’s server apparently did not cause any public harm. Taking their statement at face value, their intent appeared to be to push the NT to improve its security system and provide better services to the public. The group emphasised that they hacked into the NT server to protest against the corruption and malpractices in the organisation.
If true, this is a form of hacktivism—the act of hacking for a politically or socially motivated purpose. In the international arena, hacktivism has become common with groups that campaign for openness such as Anonymous and Lulzsec, Wikileaks and the file-sharing site Megaupload.com. Even in Nepal, government sites have been hacked numerous times in the past. Whether or not the Anonymous#opnep group should be considered criminal is open to debate.
But the larger issue the government needs to address is its capability to deal with cyber attacks. The NT is liable to its thousands of customers and a security breach in its system is partly because of its deficiencies. This incident should also send a stark reminder to other government agencies to take cyber security more seriously.
In this day and age, the government needs to defend itself beyond geographical borders. Although the Nepal Police has been making great strides towards containing cyber crimes, government agencies need to step up their internet security. As law enforcement agencies do the world over, Nepali authorities should also consider hiring hackers to limit security vulnerabilities and thwart criminals. But in all this the political message of the hackers should not be overlooked.