Hacking is a global phenomenon. Earlier this month, hackers broke into a sensitive Indian naval computer system at Visakhapatnam, Andhra Pradesh and apparently relayed confidential data to various IP addresses in China. Russia, which is believed to host some of the world’s most efficient hackers, is home to Maxus, probably the country’s most notorious hacker, who earlier this year stole credit-card numbers from an online retailer and demanded US $ 100,000 in ransom. When he didn’t get any money, Maxus posted the stolen numbers on a website. In another astonishing feat this year, Canadian hackers managed to crack open the security system of Google Chrome, one of the most popular and most secure of available browsers—in under five minutes.
Nepal too hosts a thriving group of hackers. They have, over the last decade, repeatedly got past security codes of many sensitive government websites, besides breaking into nearly 2,000 private websites. Given the exponential growth in information technology in recent times and the easy availability of sophisticated hacking tools (and tips) online, stopping hackers has proven to be no small task even for the countries with supposedly the most secure systems in the world: Back in February, opponents of a controversial global copyright treaty successfully hacked into websites of two US government agencies. It isn’t surprising then that IT expert and internet service providers in Nepal have little clue about the modus operandi of Nepali hackers.
Hacking of websites of sensitive government bodies like the Ministry of Finance, Supreme Court and Nepal Telecommunications Authority as well as those of many private banks for information on customers, have raised serious question marks over the country’s readiness to secure important portals. There are some clear culprits: First, there are no well-defined policies on cyber crimes in the country; second, the precipitous growth of hard-to-secure wi-fi networks has made it easy for hackers to espy on private information entered by computer users in the vicinity, thereby also adding to the complexity of tracking them; and third, the government has not been able to enforce even the existing punitive measures against cyber crimes.
It is clear that if strong measures are not taken to tackle cyber crimes, the problem is likely to get from bad to worse, both for the government as well as common people. While it has become easy for professional hackers to steal sensitive information (that could have a direct bearing on the country’s security and national interest) from insecure government websites, more and more people are likely to fall victims to hacking of their bank and other online payment accounts. To meet this challenge, all government as well as other public-interest sites must be made to undergo a through security audit before their launch.
This will help detect loopholes in the sites which hackers can exploit. Public awareness campaigns on hacking that educates people on securing their online data would help too. Given the scale of damage a serious breach of the website of even a single big public-interest organization could inflict, the country cannot afford to sit on the issue, not even (or especially) during this wrenching period of transition with its heightened vulnerabilities