Nepal-India cyber war might get uglier

Kathmandu, May 25

On May 24, a hacker took down the website of Civil Aviation Authority of Nepal (CAAN) and placed an Indian flag along with a message on its home page.

The hacker’s message read, “Just because we are silent and we don’t react doesn’t mean didn’t notice.”

This is one of the few instances of the recent Nepal-India cyber war. This past month has witnessed a barrage of cyber-attacks between unidentified hacker groups of Nepal and India. The back-and-forth digital skirmishing has been called a cyber warfare supposedly orchestrated by cyber extortionists of the two sovereign nations after Nepal released a new political and administrative map incorporating Limpiyadhura, Lipulekh and Kalapani. It all began when an Indian hacking group called ‘Indian Cyber Troops’ defaced the dprobanke website, a government website run by the Botanical Research Centre in Banke with the message: ‘Don’t mess with Indians!’

In retaliation hacker groups of Nepal were quick to make their moves where a hacker called ‘SATAN’ divulged fabric’s API Key of ABP News. Then an anonymous Nepal-based hacker by the alias Omsec5 claimed to have hacked HDFC Bank’s data while also leaking over 2,000 Aadhar card details of Indian nationals. Thankfully, though, as per ICT Frame, a cyberspace-oriented magazine, which has been reporting on cyber crimes and cyber security in Nepal, the Indian Cyber Troops, via their social media handle did try to bury the hatchet. The group’s Facebook post dated May 22: “We’ve talked to Nepali hackers and now we are going to stop attacks. We are brothers. Establish peace,” ending with #JaiHind and #Jai_Nepal.

However, things took a different turn after SATAN posted this: “We were gonna stop but some kids again started to deface our sites! We can’t just sit back and watch. This is just a demo! #BackOffIndia.”

SATAN’s retort has clearly exacerbated the situation. The Indian Cyber Troops has clearly taken offence at Nepal’s unwillingness to put an end to this warfare further threatening a possible all-out war from many hacking groups based in India. “This will lead to huge loss,” reads the Troops’ post from May 23.

While the damage from incoming cyber attacks can be considerable, so far the assaults perpetrated by the hackers of two nations haven’t yet focussed on attacking systems directly. Recently, Nepal National Library’s  (NNL) website was hacked and defaced by a hacker with alias Shamaroosh. As per Upendra Prasad Mainali, Chief at NNL, the hacker though could only find a way into the website and not the whole system.

SATAN’s attack on ABP News has been exposed by one Ravi Mandal, a Cloud Engineer at Xamariners, as being nothing quite harmful. “API Key is identification of a client and not a secret. It is like sharing mobile number with someone else so they can contact you. So sharing API keys is not hacking,” claims Mandal.

A country ill prepared

But contrary to these claims, Chiranjibi Adhikari, immediate Past President at Centre for Cyber Security Research and Innovation, and Editor of ICT Frame says it’s foolish to assume such acts of cyber crime as non-threatening. “Yes, perhaps the system wasn’t hacked, but privacy is being attacked and cyber space failure is apparent,” he purports. In Nepal data breaches aren’t uncommon but what is lacking is the proper mechanism to respond to such breaches in security. “When thousands of customer data is compromised, the company responsible to protect customer data should be held accountable. But Nepal’s Cyber Law is silent on this matter,” he says.

As per Microsoft’s Malware Infection Index 2016, Nepal was the fourth most malware infection-prone nation. Adhikari fears the country’s position might worsen as many Nepalis adjust to working from home. It’s during crisis that cyber security is mostly compromised, and given the pandemic, advocates of cyber security are certain that cyber assaults will be more lethal and frequent as unethical hackers, the black hatters will be looking to strike when the iron’s hot.

During the 2015 earthquake, Nepal had seen a surge in cyber attacks mostly email scams requesting donations for fraudulent charitable organisations with attachments directing users to malware infected websites. Back then, it was the US-CERT that had made the Nepali government aware of such activities. In the wake of the pandemic too, such scams have started circulating and with Nepal-India cyber warfare, cyber assaults are expected to rise.

After the assault on CAAN’s website, Adhikari is now concerned about a possible attack on the nation’s healthcare system. Cyber-criminals can exploit software vulnerabilities to steal patients’ data or infect the network with malware. To try and mitigate the damage of the warfare, Information Security Response Team Nepal will be in the next couple of days hosting a dialogue with cyber security professionals in India to try and talk the hackers out of the unethical and damaging cyber war. The Nepali security response team has often tried to get in contact with cyber groups like SATAN but to no avail.

A version of this article appears in e-paper on May 25, 2020, of The Himalayan Times.