Securing Digital Highways

               In month of July, this year, Nepal experienced the ‘vulnerability test hack’ of 58 government website slashed in just three minute, as claimed by hackers group. Same year the Department of passport was hacked, tailed by Nepal’s president official website hack in July 2015. This recent breaks indirectly challenge the cyber security system of Nepal’s Government, indicating large loopholes and cyber vulnerabilities of central agencies that handgrip information of National importance. Preventing such attacks seems possible in future but it demands excessive finance and complete revision on the way government as well as other technological firm handle software and primary websites. Cyber-security has now become a global problem with no country in exception, including third world and least developed nations. After land, sea, air and space, the pendulum of security threat has tilted to another domain: cyberspace. 

 

Recently released Global Cyber-security Index (CGI) 2017 shows Nepal’s vulnerable Cyber wellness with score of 0.275, India 0.683 and Singapore makes the highest score with 0.925. With little control over the systems used by Nepalese professionals as well as the data passing through them, Nepal’s homeland security design remains under virtual threat. Mainly our Cyber- architecture seems prone to three kinds of digital invasions: ‘SQL injection’ means a code injection technique used to attack data-driven applications; another is ‘espionage’, which includes interfering into systems to steal information, and ‘Brute Force Attack’ is an algorithm attack system which search vulnerability in system and access inside. 

The information and communication technologies (ICT) networks, devices and facilities are more and more critical for daily life. In 2016, nearly half the world used the web network (3.5 billion users) and  one evaluation revels that, there will be above 12 billion machine-to-machine devices networked to the Internet by 2020. Yet, likely in the real world, the cyber space is also vulnerable to various security pressures that can result great digital destruction.  Web networks regulate the nation’s security grid, e-commerce, and stock markets and traffics other data highways. It’s why many developed nations acknowledged the risk of cyber-attack on homeland’s network infrastructure as one of the biggest threats.  An unbelievable numbers of cyber-breach daily knockout global networks with the cost of trespassed secret information, personal security, and most of the time culprit walk out unidentified.

Originally, the internet was regarded as the hallmark of new world, and now the presence of internet makes it integral part of human existence. Therefore, cyber security should be primary concern for not just government but private enterprises and individual should also exercise caution on such matter. Nowadays, information is power, and millions of wicked-genius are prepared to take risk and stake almost anything to get it. On one hand many private organizations and governments around the world are alarming their staff to think twice before clicking anything received form email on other hand hackers have already upgraded to new strategy of outbreak, targeting social media accounts where large number of public are likely to be gullible. Now we are on verge to ruminate whether the current customer support mechanism, which ensures users security, needs to be restructured.  It’s also a time for mainstream software companies to realize their security obligation towards those agencies counting on their products and also government bodies entrusted with keeping their information secure. The software we use are upgraded by constructing new systems on old base, which means our entire cyber world stand on tumbling swamps. 

There also remains tuff challenge on accessing resources to renovation cyber assets without dismantling the previous functions. Be it operating systems or other software, updates always comes with unwanted features and people hate change; as a result they ignore updates.  In our country almost all government as well as private sector are cultured to take cyber security as an afterthought and also shows hesitation in investing and upgrading systems. Amid digital world such negligence could   surely make any institution susceptible to cyber-attack. 

That’s why every government need to show urgency to adopt advance internet security system and recruit skilled IT professionals who won’t leap to other job after six months. Government also need to hire independent outside specialists who can measure their security dodges and recommend viable solutions. And Under government quota, instead of hiring and enforcing IT Engineer for multidisciplinary works including hardware, software and security; the government should redraft recruitment strategy to hire pro specialists in related arena.  Recent security breach or so called ‘vulnerability test’ by  “Paradox Cyber Ghost” is not actually a cyber-war rather it’s undoubtly an alert signal that government of Nepal should immediately act to protect its digital highways. 

 ---A version of this op-ed piece appears in print on Spetember 1, 2017 of The Kathmandu Post.>>>(http://kathmandupost.ekantipur.com/printedition/news/2017-11-01/watch-what-you-click.html)