cybersecurity vulnerabilities

Cyberattacks in Nepal

The use of digital technology and the internet has brought many benefits to individuals and businesses in Nepal, but it has also welcomed new threats in the form of cyberattacks. In recent years, the number of incidents of cybercrime has been increasing , which has raised concern among individuals, businesses, and the government about the security of their online information and the need for better protection.

Types of Cyberattacks in Nepal

Cyberattacks appear in many forms, and in Nepal, the most common types of attacks include:

  • Hacking: Hacking involves unauthorized access to a computer system or network, and it can the result in the theft of personal and financial information, as well as damage to the system itself.
  • Phishing: Phishing is a type of online fraud that uses emails, messages, or websites that appear to be from a trusted source, such as a Bank or a Government Agency, to trick users into revealing their personal information.
  • Online fraud: Online fraud can take many forms, including the sale of fake products, lottery scams, and investment fraud, and it often targets people who are not familiar with the internet.

Reasons Behind the Increase in Cyberattacks in Nepal

There are several reasons behind the increase in cyberattacks in Nepal, including the growing use of the internet and digital technologies, the lack of adequate cybersecurity measures, and the lack of awareness among Nepalese users. Additionally, many people still use weak passwords, neglect to install software updates, and are not cautious about opening suspicious emails or clicking on links from unknown sources, making it easier for cybercriminals to carry out attacks.

Another major factor contributing to the increase in cyberattacks in Nepal are the lack of proper laws and regulations to address cybercrime. This has made it difficult for law enforcement agencies to investigate and prosecute cybercriminals, leaving victims with little resource for recovery. The Nepalese Government has taken steps to improve cybersecurity in the country, but there is still much work to be carried out to ensure the safety and security of Nepal's digital environment.

Some Incidents of Cyberattacks in Nepal

The official website of the Department of Passport got hacked on June 27, 2017, by a group of Turkish hackers and defaced with threatening notes to reveal the Government’s data.

On the same year October 23, the SWIFT system of NIC Asia Bank was reportedly hacked by an unidentified hacker. They intercepted 4.4 million USD from the utilizer accounts to six different countries. The bank claimed they recuperated about 4 million USD.

In September 2020, Nepal Police apprehended five Chinese nationals who were endeavoring to withdraw cash with cloned debit cards. The inculpated had hacked the Nepal Electronic Payment System (NEPS), an interface that sanctions the transaction of money deposited in a bank by utilizing cards issued by other member banks.

In January 27th 2023, The Government of Nepal’s National Portal and 500 other websites with the domain name went offline. Databases of the immigration and passport management systems under the Government Integrated Data Centre (GIDC) were disrupted due to what is known as a Distributed-Denial of Service or D-DoS attack. Tribhuvan International Airport in Kathmandu was also crippled. The immigration desks at the arrival and departure lounges were unable to provide travel clearances to hundreds of passengers, and several international flights were delayed for at least three hours as a result.

To address these concerns, the Government of Nepal has taken steps to improve cybersecurity in the country. Additionally, the Government is working to raise awareness among Nepalese citizens about the importance of cybersecurity and to provide training and resources to help individuals and businesses protect themselves. Also, different private organisations are working in the field of cyber security We, Green Tick Nepal, are also providing different awareness programs and cyber security services as per the organisation’s requirements. In this context, recently Green Tick Nepal has developed a SIEM (Security Information and Event Management) solution called GKAVACH-Nepal's first Next-Gen SIEM which offers a range of advanced cybersecurity solutions to facilitate organizations in protecting their data and systems generated among networks, systems, servers and application.

Impact of Cyberattacks in Nepal

Cyberattacks can have serious consequences for individuals, businesses, and the country as a whole:

For individuals, a cyberattack can result in the theft of personal and financial information, which can be used for identity theft or financial fraud.

For businesses, a cyberattack can result in the loss of confidential information, disruption of operations, and damage to reputation. The impact of cyberattacks in the country as a whole can include loss of confidence in the security of online transactions, reduced investment in digital technologies, and damage to the country's reputation as a secure place to do business.

What Can Be Done to Address Cyber Attacks in Nepal

To address the problem of cyberattacks in Nepal, individuals, businesses, and the Government of Nepal must work together to improve cybersecurity, which can be initiated in the following ways:

  • Developing and implementing cybersecurity laws and regulations that are up-to-date and in line with international standards.
  • Encouraging organizations to adopt good cybersecurity practices, such as implementing SIEM, regular software updates, encryption of sensitive data, and use of strong passwords, etc.
  • Raising awareness among citizens about cyber threats and how to protect themselves through education and outreach programs.
  • Building partnerships with international organizations and other countries to share information and best practices for mitigating cyberattacks.
  • Educating employees on good cybersecurity practices and raising awareness about the dangers of phishing, social engineering, and other types of attacks.
  • Conducting regular security audits and penetration testing to identify and address vulnerabilities.
  • Enhancing international cooperation to tackle cross-border cybercrime and to enforce laws related to cyber security.
  • Encouraging the private sector to invest in cybersecurity technologies and services, to create a more secure digital ecosystem.


In conclusion, cyberattacks in Nepal are a growing concern that requires immediate attention. By working together to improve cybersecurity, Nepalese individuals, Nepalese organisations , and the Government of Nepal can protect their online information and secure the country's digital future.