Editorial
Firewalls and firefights
Cybersecurity needs to be integrated into every aspect of policy and planningAs the number of internet and social media sites has been increasing globally, including in Nepal, cybersecurity has become more important than ever. Last week, the website of Tribhuvan International Airport was compromised by a hacker who claimed to be operating from Indonesia. The website belonging to the country’s only international airport remained out of commission for more than two days before it was restored on Sunday noon. In another incident, the website of the Public Service Commission was reportedly hacked too. Last year, a group calling itself Paradox Cyber Ghost broke into 58 government sites in the name of conducting a ‘vulnerability test’.
As there are increasing chances of government secrets being stolen by actors with malevolent intent, the issue of cybersecurity cannot be overlooked. It raises concern as to how well prepared we are to respond to dangerous cyber threats. A series of brazen hacking attacks should thus spur lawmakers in Parliament to propose cybersecurity legislation. Cybersecurity is constantly evolving, and the size, sophistication and cost of cyber attacks are only growing. Nepal has embarked on the path to e-governance, but the road to securing data and overcoming the vulnerability from such attacks seems to be long and hard.
According to the Nepal Telecommunications Authority (NTA), 2.25 million new users were connected to the internet last year. As of October 2017, a total of 16.67 million Nepalis had been connected to the internet, up 15.60 percent year-on-year. Thanks to the penetration of smart phones, the staggering growth means that nearly 63 percent of Nepal’s population is now connected to the World Wide Web.
Back in 2010, less than 30 percent of Nepalis used the internet. This means more and more personal information of citizens is being processed and stored digitally by the government. The financial sector is growingly relying on digitalising accounts too. While these developments are positive, on the flipside, it could also potentially put a trove of data into the hands of hackers if appropriate defences against cyber crime are lacking. The Electronic Transaction Act 2006 deals with issues related to cyber crime, and also helps in implementing laws governing cyber crime; but it is thoroughly outdated and does little to protect users online.
At a time when the prime minister wants to focus on a digital Nepal for prosperity, the cybersecurity regulatory landscape demands amendment. The ever growing number of online users and sustained efforts to provide affordable access means that cybersecurity needs to be integrated into every aspect of policy and planning. An initial step could be to fund cybersecurity research. We need to swiftly frame an appropriate and updated cybersecurity policy, create adequate infrastructure, and foster closer collaboration between all stakeholders to ensure a safe cyberspace. Our cybersecurity strategy must be able to protect multiple digital intrusions at all levels: military espionage, electronic attacks disturbing critical infrastructure, data privacy, and finally the integrity and security of citizens.