Nepal Army Hosts Critical Cybersecurity Session Amid Rising National Threats

17th June 2025, Kathmandu

Amid escalating global cyber threats and a string of recent high-profile breaches in Nepal, Mona Nyachhyon Gopaju, Founder and CEO of MonalTech, delivered a pivotal presentation during a special session hosted by the Nepal Army Cybersecurity Division.

Nepal Army Critical Cybersecurity Session

In a talk titled “Nepal’s Cyber Threat Landscape: Emerging Threats and Protective Measures,” Gopaju highlighted how Nepal, despite its size, holds the potential to lead through innovation and strategic defense. Drawing attention to over 2.9 million personal records breached across government systems in 2025 alone, she emphasized the urgent need for national preparedness and collaboration.

“Nepal is no longer just a passive observer. We are a new target, a new battleground—used by global APT groups for espionage, manipulation, and cybercrime,” she warned.

The presentation shed light on recent attacks, including the exploitation of biometric data, which has endangered vulnerable communities such as the Rohingya refugees. Gopaju illustrated how state and non-state actors exploit weak data protection practices, especially in developing nations.
Key Insights from the Session:

Nepal’s Rising Vulnerability: Over 2 million citizens’ data has been leaked, including photos, citizenship IDs, and even government email accounts (.gov.np).

Active APT Presence: North Korean, Russian, Chinese, Iranian, and South Asian cyber threat groups are now actively operating within Nepal’s digital ecosystem.

Systemic Gaps: Nepal suffers from weak penalties for cybercrimes, a lack of transparency, and unclear cybersecurity governance.

Call for AI-Driven Forensics: Emphasized the need for automated incident response, legal-grade digital forensics, and tools like LogPoint and Carbon Black.

The session also presented a chilling storyboard on how stolen identities are used for SIM cloning, account creation, financial laundering, and more, all from inside Nepal’s borders.

“We must act now. The digital sovereignty of our nation is at stake,” Gopaju concluded, urging military, government, and tech leaders to establish stronger frameworks for threat detection, prevention, and prosecution.

As Nepal rapidly digitizes, events like these mark a crucial shift toward national cyber resilience.

The Nepalese Computer Emergency Response Team (npCERT) serves as Nepal’s pioneering community-driven national agency for addressing cybersecurity incidents, an initiative spearheaded by cybersecurity policy expert Chiranjibi Adhikari. Its core objectives encompass swift incident response and handling, proactive vulnerability management within Nepal’s IT infrastructure, continuous security threat assessment with early warning dissemination, and active participation in developing cybersecurity policies and guidelines.

Furthermore, npCERT aims to enhance national cybersecurity capabilities through capacity building and public awareness campaigns, alongside fostering international cooperation with other national CERTs to exchange best practices. With npCERT leading the way, there is an optimistic outlook for the active involvement of a government-led CERT in Nepal and the subsequent formation of specialized sectoral CERTs to further strengthen the nation’s digital defenses.

For more: Nepal Army Critical Cybersecurity Session