September 18th, 2019, Kathmandu
Internet is used to access public network while keeping your details confidential and secure. We do everything on the internet – from the banking business, online shopping, etc. The questions of are we aware of the security of our sensitive details are the main thing. According to the Metropolitan Crime Investigation Center, about 1200 cybercrime complaints have been registered in the last eleven months, of which 72 were registered in court. From small financial institutions to commercial banks is not quite advanced in terms of cybersecurity. Whether it is hacking a bank’s server system, stealing money from ATMs, cybercriminals are using their weapons as weak links such as email, mobile and web applications.
To understand these issues in-depth in the context of Nepal we can observe recent ATM attack:
Recently, some Chinese hackers hacked a system of fake ATM card from a bank of ATM booths in different banks by hacking the system of NEPS (Nepal Electronic Payment System), a company that facilitates visa card services to commercial banks.
This is considered to be the newest way to hack. Under which only the money kept in the ATM booth was stolen by hacking the system of NEPS without attacking the bank’s system. Even though the bank’s large sums have been prevented from being stolen, cybersecurity weaknesses have been exposed to financial institutions in Nepal.
Cybersecurity challenges are many and very complex. So how to reduce it by adopting preventive measures? Understanding how to adopt security measures before a potentially major event is key. Every individual, systems, and technology can be strictly implemented in cybersecurity. It is important for every shareholder to be aware of this matter. Since cybersecurity is a very widespread topic, it has to be adopted by organizations and offices in different ways according to how they function.
Below are the few measures, we can prevent cyber-attacks to some extent:-
As hackers know the weakness and attack, first of all, we should spread awareness among the employee of the organizations and various institutes. For this awareness, seminars should be conducted from time to time.
Department related to cybersecurity under the leadership of information technology department should be created. Constant evaluation and monitoring are required.
Installment of security systems at different levels of the network is most important. Security technology associated with email should also be made.
Cybersecurity risk should also be the basis for evaluation of any software or hardware purchasing system in any organization. All you have to do is look at how safe the content you are purchasing, whether international security standards are met.
Auditing and cybersecurity testing in your organization is an important aspect of the organization. Every year, information technology needs to be audited at a specified time and work should be done according to the reports it receives.
In addition, tasks such as vulnerability assessment and penetration testing and server hardening need to be done together. It focuses on where the organization is lacking and what to do for it. There are various ways to prevent yourself from cyber-attack.
Cyberattack is not preventable in a single jolt but with working on coordination it is possible and also beneficial for every individual.