Major cybersecurity incident affects government websites in Nepal

KATHMANDU: In an unprecedented event, approximately 3,500 websites operating from the National Information Technology Center, the sole data center operated by the Nepalese government, faced a collective issue. Government websites, including prominent entities like the Prime Minister’s Office and the Ministry of Communications and Information Technology, encountered disruptions on both Sunday and Monday, causing inconvenience for users accessing services.

Pradeep Sharma Poudel, the Executive Director of the National Information Technology Center, disclosed that the disruption was a result of a targeted cyber attack on the center. He explained that the attack overwhelmed the server with a surge in traffic, leading to service interruptions. Poudel clarified that the incident was connected to issues with the Domain Name System (DNS), a critical component of internet infrastructure.

Attributing the attack to a distinct approach by the hackers, Poudel highlighted the challenge in pinpointing the origin of the assault. He emphasized that even secure servers could fall victim to cyber attacks, underscoring the importance of substantial investments in technology and human resources to mitigate such risks.

To prevent future occurrences, Poudel stressed the necessity of having a mirrored server in a different location. He admitted an oversight in not operating a server elsewhere when one server experienced issues. Poudel advocated for the establishment of two or three data centers to store critical data, acknowledging the vulnerability of government websites when there is no backup server.

Discussing challenges related to seismic risks and budget constraints, Poudel acknowledged the need for strategic placement of data centers in locations with lower seismic activity.

Poudel pointed out that in the event of a shutdown of the National Information Technology Center, real-time operations in Kathmandu would be severely impacted. He advocated for the implementation of a real-time mirroring system for the server.

Additionally, Poudel revealed that cybersecurity experts recommended adopting a ‘hybrid’ model for the center, where both government and external experts collaborate. Information and budgets for this approach are already in the pipeline within the Ministry of Finance.

Nitra Subedi, the spokesperson for the Ministry of Information and Communications Technology, confirmed that the Surveillance Team detected the cyber attack promptly. While the technical team has been tasked with resolving the server issues, the lack of a budget has hindered the center’s ability to function optimally.

The incident underscores the growing importance of robust cybersecurity measures and strategic planning to safeguard critical government infrastructure against cyber threats. Authorities remain committed to addressing and resolving the issue promptly to ensure the uninterrupted functioning of essential government services.