
Proposal


Cyber-Security Threats in Nepal Technical communication

(A Case Study of Cyber Security threats in Nepal)

A Thesis Proposal

Submitted to Asia Pacific University, Techspire College

In Partial Fulfillment of the
Requirements for the Degree of Bachelor of Science in IT

Sangam Humagai
NP069751
Section: A4

Asia Pacific University, Malaysia

TECHSPIRE COLLEGE
Kathmandu, Nepal
29th May 2024


Table of Contents
CHAPTER I: Introduction
Background of the Study
Statement of the Problem
Objectives of the Study
Research Questions/Hypothesis
Significance of the Study
Limitations of the Study
Structure of the Study
Chapter I: Introduction
Chapter II: Review of Literature and Theoretical Framework
Chapter III: Research Methodology
Chapter IV: Data Analysis and Interpretation
Chapter V: Conclusions and Recommendations
Operational Definition of Key Terms
Cybersecurity:
ICT (Information and Communication Technology):
Malware:
Phishing:
Ransomware:
CHAPTER II: Review of Literature and Theoretical Framework
Theoretical Review
1. General Theory of Cybersecurity
2. Defense in Depth Strategy
3. Cyber Kill Chain Model
Integrating Theories for ICT in Higher Education
Cybersecurity Theories in Higher Education
1. General Theory of Cybersecurity in Higher Education
2. Defense in Depth Strategy in Higher Education
3. Cyber Kill Chain Model in Higher Education
Case Studies and Previous Research
Challenges Faced by Educational Institutions
Empirical Review
1. Cyber Threat Landscape in Nepal
2. Cybersecurity Awareness and Preparedness
3. Impact on Critical Sectors
Policy Review
1. Comparative Analysis with International Standards
2. Strengths and Weaknesses Assessment
3. Policy Recommendations
Conceptual Framework
Implication of the Study
1. Policymakers:
2. IT Professionals:
3. Other Stakeholders:
Research Gap
CHAPTER III: Research Methodology
Research Design
Rationale
Rationale of the Site Selection
Rationale:
Universal and Sampling Procedure
Sampling Method:
Source and Nature of Data
Data Collection Tools and Techniques
Data Interpretation and Analysis
Ethical Considerations
Validity and Reliability

CHAPTER I: Introduction
Background of the Study
The modern world is increasingly interconnected through the proliferation of Information and Communication
Technology (ICT), which has revolutionized numerous sectors, including education, healthcare, commerce, and
governance. This digital transformation has facilitated unprecedented access to information, enhanced
communication, and streamlined various operational processes. In developing nations like Nepal, the rapid
adoption of ICT is seen as a critical driver of socio-economic development, providing a platform for innovation,
efficiency, and inclusivity. However, this digital progression also brings about significant challenges, particularly
in the realm of cybersecurity.


The advent of ICT has not only enhanced the productivity and growth potential of various sectors but has also
exposed them to a myriad of cyber threats. These threats range from relatively simple forms of cybercrime
such as data breaches and malware attacks to more sophisticated threats like phishing scams, ransomware,
and Advanced Persistent Threats (APT). The cyber threat landscape is continuously evolving, with
cybercriminals becoming increasingly adept at exploiting vulnerabilities within digital systems. This dynamic
threat environment poses a significant risk to the integrity, confidentiality, and availability of information and
critical infrastructure.

In Nepal, the integration of ICT into daily life and business processes has been rapid. The government has
embarked on various initiatives to promote digital literacy and expand internet access across the country. As a
result, there has been a substantial increase in the use of digital platforms for education, healthcare, banking,
and other essential services. While these advancements are commendable, they also come with a heightened
risk of cyber threats. The increasing reliance on digital technologies, coupled with the inadequacy of robust
cybersecurity infrastructure and awareness, has made Nepal particularly vulnerable to cyber-attacks.

The ICT landscape in Nepal is characterized by a mix of opportunities and challenges. On one hand, there is
significant potential for leveraging digital technologies to drive economic growth, improve public services, and
enhance connectivity. On the other hand, the lack of a comprehensive cybersecurity framework, insufficient
regulatory measures, and limited cybersecurity awareness among users present serious challenges. Many
organizations in Nepal, both in the public and private sectors, lack the necessary resources and expertise to
effectively combat cyber threats. This situation is further exacerbated by the global nature of cybercrime,
which transcends geographical boundaries and makes it difficult for individual nations to address the issue in
isolation.

Cyber threats in Nepal have manifested in various forms, affecting different sectors to varying degrees. Data
breaches, for instance, have compromised the personal and financial information of individuals, leading to
identity theft and financial fraud. Malware attacks have disrupted the operations of businesses and government
agencies, resulting in significant financial losses and reputational damage. Phishing scams have deceived
individuals into revealing sensitive information, while ransomware attacks have locked users out of their
systems, demanding payment for restoring access. Advanced Persistent Threats (APTs), which involve
prolonged and targeted cyber-attacks, have been used to infiltrate high-value targets, such as government
institutions and critical infrastructure.

One of the fundamental issues contributing to the vulnerability of Nepal's
ICT infrastructure is the lack of cybersecurity awareness among users. Many individuals and organizations do
not fully understand the nature of cyber threats and the importance of implementing basic cybersecurity
measures. This lack of awareness extends to the adoption of poor security practices, such as weak password
management, inadequate software updates, and insufficient data encryption. Additionally, there is a general
underestimation of the risks associated with cyber threats, leading to complacency and a reactive rather than
proactive approach to cybersecurity.

Furthermore, the existing cybersecurity policies and regulations in Nepal are often outdated and inadequate to
address the current threat landscape. While there have been efforts to develop national cybersecurity
strategies and frameworks, their implementation has been slow and fragmented. The lack of a cohesive and
comprehensive approach to cybersecurity has resulted in gaps in protection and response mechanisms. For
instance, there is a need for better coordination and collaboration among various stakeholders, including
government agencies, private sector entities, and international partners, to effectively combat cyber threats.

The inadequacy of cybersecurity infrastructure is another critical challenge. Many organizations in Nepal lack
the necessary technological tools and resources to detect, prevent, and respond to cyber incidents. This
includes a shortage of skilled cybersecurity professionals who can develop and implement effective security
measures. The gap in technical expertise is a significant barrier to building a resilient cybersecurity framework.
Additionally, the rapid pace of technological advancements and the sophistication of cyber threats require
continuous learning and adaptation, which is often lacking in the current cybersecurity workforce in Nepal.

Given the growing digital footprint and the increasing incidence of cyber threats, there is an urgent need to
address the cybersecurity challenges facing Nepal. This study aims to provide a comprehensive analysis of the
cybersecurity threat landscape in Nepal, identify the key vulnerabilities within its ICT infrastructure, and
evaluate the effectiveness of existing policies and measures. By doing so, it seeks to contribute to the
development of a robust cybersecurity framework that can protect Nepal's digital assets and support its
continued socio-economic development.

In conclusion, while Nepal's journey towards digital transformation holds immense promise, it is imperative to
recognize and address the accompanying cybersecurity challenges. The increasing dependence on digital
platforms necessitates a proactive approach to cybersecurity, involving awareness, education, policy
development, and technological investment. Strengthening cybersecurity infrastructure and enhancing
awareness among users will be crucial in safeguarding Nepal's digital future and ensuring that the benefits of
ICT can be fully realized without compromising security. This study aims to provide valuable insights and
recommendations to help achieve these objectives, contributing to a safer and more secure digital environment
in Nepal.


Statement of the Problem


The increasing incidence of cyber threats in Nepal presents a significant challenge to its ICT framework. As the
nation rapidly embraces digital transformation across various sectors such as education, healthcare, banking,
and government services, it simultaneously becomes more susceptible to cyber threats. Despite the evident
benefits of ICT in driving socio-economic development, the lack of robust cybersecurity measures exposes
Nepal to significant risks that could undermine these advancements.

Cyber threats in Nepal have manifested in numerous ways, including data breaches, malware attacks, phishing
scams, ransomware, and Advanced Persistent Threats (APTs). These threats are not just technical issues but
have broader implications, affecting national security, economic stability, and public trust. For instance, data
breaches can compromise sensitive personal and financial information, leading to identity theft and financial
fraud. Malware attacks can disrupt the operations of businesses and government agencies, causing significant
financial losses and reputational damage. Phishing scams can deceive individuals into divulging sensitive
information, while ransomware can lock users out of their systems, demanding payment for restoring access.
APTs, which involve prolonged and targeted cyber-attacks, can infiltrate high-value targets, such as government
institutions and critical infrastructure, posing severe risks to national security.

One of the fundamental issues contributing to the vulnerability of Nepal's ICT infrastructure is the lack of
cybersecurity awareness among users. Many individuals and organizations do not fully comprehend the nature
of cyber threats or the importance of implementing basic cybersecurity measures. This lack of awareness is
evident in the adoption of poor security practices, such as weak password management, inadequate software
updates, and insufficient data encryption. Additionally, there is a general underestimation of the risks
associated with cyber threats, leading to complacency and a reactive rather than proactive approach to
cybersecurity.

Moreover, the existing cybersecurity policies and regulations in Nepal are often outdated and inadequate to
address the current threat landscape. While there have been efforts to develop national cybersecurity
strategies and frameworks, their implementation has been slow and fragmented. The lack of a cohesive and
comprehensive approach to cybersecurity has resulted in gaps in protection and response mechanisms. For
example, there is a need for better coordination and collaboration among various stakeholders, including
government agencies, private sector entities, and international partners, to effectively combat cyber threats.

The inadequacy of cybersecurity infrastructure is another critical challenge. Many organizations in Nepal lack
the necessary technological tools and resources to detect, prevent, and respond to cyber incidents. This
includes a shortage of skilled cybersecurity professionals who can develop and implement effective security
measures. The gap in technical expertise is a significant barrier to building a resilient cybersecurity framework.
Additionally, the rapid pace of technological advancements and the sophistication of cyber threats require
continuous learning and adaptation, which is often lacking in the current cybersecurity workforce in Nepal.

Economic constraints also play a role in the cybersecurity challenges faced by Nepal. As a developing nation,
Nepal has limited financial resources to invest in advanced cybersecurity technologies and infrastructure. This
financial limitation hampers the ability of organizations to adopt comprehensive security solutions and conduct
regular security assessments and audits. Furthermore, small and medium-sized enterprises (SMEs), which form
a significant part of Nepal’s economy, are particularly vulnerable due to their limited resources and lack of
cybersecurity expertise.

The evolving nature of cyber threats adds another layer of complexity to the problem. Cybercriminals are
continually developing new methods and techniques to exploit vulnerabilities within digital systems. This
dynamic threat environment makes it difficult for organizations to keep up with the latest security trends and
best practices. The lack of real-time threat intelligence and information sharing mechanisms further
exacerbates the situation, leaving organizations ill-equipped to anticipate and respond to emerging threats.

In addition to technical and economic challenges, there are also legal and regulatory hurdles that hinder
effective cybersecurity in Nepal. The current legal framework for cybersecurity is often insufficient to address
the complexities of cybercrime. There is a need for more stringent laws and regulations that can deter
cybercriminals and provide a clear legal basis for prosecuting cyber offenses. Furthermore, enforcement of
existing laws is often weak due to a lack of specialized training and resources within law enforcement agencies.
This situation is compounded by the transnational nature of cybercrime, which requires international
cooperation and collaboration to combat effectively.

Given these multifaceted challenges, it is clear that addressing the cybersecurity threats in Nepal requires a
comprehensive and multi-pronged approach. This study aims to explore the nature and extent of cybersecurity
threats in Nepal, identify the vulnerabilities within its ICT infrastructure, and assess the current strategies in
place to mitigate these risks. By doing so, it seeks to provide valuable insights and recommendations that can
help strengthen Nepal’s cybersecurity framework.

The first step in addressing this problem is to conduct a thorough analysis of the current cybersecurity
landscape in Nepal. This includes identifying the types of cyber threats that are most prevalent, the sectors
that are most vulnerable, and the common methods used by cybercriminals. Understanding these aspects will
provide a clear picture of the threat environment and help in formulating effective countermeasures.

Next, it is essential to assess the existing cybersecurity policies and regulations to identify gaps and
weaknesses. This assessment should consider both the legal and institutional frameworks and the level of
enforcement and compliance. It is also important to evaluate the coordination and collaboration mechanisms
among various stakeholders to ensure a unified and effective response to cyber threats.

The study should also examine the current state of cybersecurity awareness and education in Nepal. This
involves evaluating the level of knowledge and understanding among users, the availability of training and
educational programs, and the efforts made by organizations to promote a security-conscious culture.
Enhancing cybersecurity awareness is crucial in fostering proactive security practices and reducing the risk of
human error.

Another critical area of focus is the technological and infrastructural capabilities of organizations in Nepal. This
includes assessing the availability and effectiveness of cybersecurity tools and technologies, the level of
investment in security infrastructure, and the presence of skilled cybersecurity professionals. Addressing the
gaps in technical capabilities is essential for building a resilient cybersecurity framework.

Finally, the study should explore the economic, legal, and regulatory challenges that impede effective
cybersecurity in Nepal. This includes examining the financial constraints faced by organizations, the adequacy
of the legal framework, and the capacity of law enforcement agencies to address cybercrime. Understanding
these challenges will help in developing targeted interventions and policy recommendations.

Objectives of the Study


1. To investigate the types and frequency of cyber threats affecting Nepal.

2. To identify the key vulnerabilities in Nepal's ICT infrastructure.

3. To evaluate the effectiveness of existing cybersecurity policies and measures.

4. To provide recommendations for enhancing cybersecurity in Nepal.

5. To assess the level of cybersecurity awareness and education among users and
organizations in Nepal.

6. To analyze the economic impact of cyber threats on different sectors in Nepal.

7. To explore the challenges faced by law enforcement agencies in combating cybercrime in
Nepal.

8. To examine the role of international cooperation in addressing cyber threats in Nepal.

9. To study the adoption of best practices and standards in cybersecurity within Nepalese
organizations.

10. To evaluate the current state of incident response and disaster recovery mechanisms in
Nepal.

Research Questions/Hypothesis
1. What are the prevalent types of cyber threats in Nepal?

2. Which sectors are most vulnerable to cyber-attacks in Nepal?

3. How effective are the current cybersecurity policies and measures in Nepal?

4. What are the key areas that require improvement to strengthen Nepal's cybersecurity?

5. What is the level of cybersecurity awareness and education among users and
organizations in Nepal?

6. What is the economic impact of cyber threats on different sectors in Nepal?

7. What challenges do law enforcement agencies face in combating cybercrime in Nepal?

8. How can international cooperation be enhanced to better address cyber threats in Nepal?


9. To what extent are best practices and standards in cybersecurity adopted by Nepalese
organizations?

10. What is the current state of incident response and disaster recovery mechanisms in Nepal?

11. How do cultural and socio-economic factors influence cybersecurity practices and
perceptions in Nepal?

12. What role does public-private partnership play in enhancing cybersecurity resilience in
Nepal?

13. How does the pace of technological change impact the cybersecurity landscape in Nepal?

14. What are the common methods used by cybercriminals to exploit vulnerabilities in Nepal’s
ICT infrastructure?

15. How can the cybersecurity skills gap in Nepal be addressed to build a more robust
cybersecurity workforce?

16. What are the most effective strategies for promoting cybersecurity awareness and training
in Nepal?

17. How does the regulatory environment in Nepal compare with international standards and
best practices?

18. What are the potential future trends in cyber threats that Nepal needs to prepare for?

19. How do organizations in Nepal prioritize and allocate resources for cybersecurity
initiatives?

20. What role does the government play in facilitating cybersecurity research and
development in Nepal?

By addressing these comprehensive objectives and research questions, the study aims to provide a holistic
understanding of the cybersecurity landscape in Nepal and offer actionable insights for improving cybersecurity
resilience across the country.

Significance of the Study


This study holds significant importance for several reasons. By providing a comprehensive understanding of the
cybersecurity landscape in Nepal, it aims to address a critical gap in existing literature and practice. The
findings of this study are expected to have far-reaching implications for various stakeholders, including
policymakers, IT professionals, academic researchers, and the general public.

Firstly, the study will offer invaluable insights for policymakers. With a detailed analysis of the types and
frequency of cyber threats, as well as the vulnerabilities within Nepal's ICT infrastructure, policymakers will be
better equipped to formulate effective cybersecurity policies and regulations. This can lead to the development
of a more robust and cohesive national cybersecurity strategy that addresses current gaps and anticipates
future challenges. Effective policies can also promote better coordination between different governmental
agencies and the private sector, enhancing the overall resilience of Nepal’s digital environment.

Secondly, IT professionals and organizations will benefit from the study’s findings. By identifying common
vulnerabilities and assessing the effectiveness of existing cybersecurity measures, the study will provide
practical recommendations for improving cybersecurity practices. IT professionals can use this information to
enhance their security protocols, adopt best practices, and implement advanced security technologies.
Organizations, particularly those in vulnerable sectors, can prioritize their cybersecurity investments and
training programs based on the study’s insights, thereby reducing the risk of cyber incidents.

Additionally, this study will contribute significantly to academic research by filling the gap in literature
concerning cyber threats in developing countries, particularly in Nepal. The unique challenges faced by Nepal
in terms of cybersecurity are not widely documented, and this study will provide a valuable case study for
researchers and scholars. The empirical data and analysis presented can serve as a reference for future
studies, fostering a deeper understanding of cybersecurity issues in similar contexts.

Moreover, the study will raise awareness about the importance of cybersecurity among the general public and
small to medium-sized enterprises (SMEs). By highlighting the risks associated with cyber threats and the need
for proactive security measures, the study can encourage individuals and smaller organizations to adopt better
cybersecurity practices. This is particularly important in a developing country like Nepal, where awareness and
resources are often limited.

Limitations of the Study


While this study aims to provide a thorough analysis of the cybersecurity landscape in Nepal, several
limitations must be acknowledged.

One major limitation is the availability and reliability of data on cyber incidents. Cybercrime is often
underreported due to various factors, including a lack of awareness, fear of reputational damage, and
insufficient reporting mechanisms. This underreporting can result in an incomplete picture of the cybersecurity
threat landscape, potentially skewing the findings. Additionally, the existing records may not be comprehensive
or standardized, posing challenges in data collection and analysis.

Another limitation is the rapidly evolving nature of cyber threats. Cybersecurity is a dynamic field, with new
threats and attack methods emerging continuously. This means that the findings of this study might only be
relevant for a short period before new threats emerge and shift the cybersecurity landscape. While the study
aims to provide up-to-date information, there is an inherent limitation in capturing the most current
developments due to the time-lag in conducting and publishing research.

Furthermore, the study might face challenges related to the technical and logistical aspects of data collection.
Accessing detailed and sensitive information from organizations and individuals can be difficult due to privacy
concerns and security protocols. This limitation may restrict the depth of analysis in certain areas.

The study’s scope is also limited to Nepal, and while the findings can provide insights applicable to other
developing countries, the specific socio-economic, cultural, and regulatory context of Nepal means that the
results may not be directly generalizable. Each country has unique characteristics that influence its
cybersecurity landscape, and these nuances must be considered when applying the findings elsewhere.

Lastly, the study's recommendations, while based on thorough analysis, are contingent on the willingness and
ability of stakeholders to implement them. Factors such as political will, economic constraints, and
organizational readiness can impact the feasibility and effectiveness of the recommended measures. Therefore,
the study’s impact is partly dependent on external factors beyond the researchers' control.

Structure of the Study


The study is structured to systematically explore the cybersecurity landscape in Nepal, providing a
comprehensive analysis from theoretical underpinnings to practical recommendations. The structure is as
follows:

Chapter I: Introduction
This chapter introduces the study by outlining the background, statement of the problem, objectives, research
questions, significance, limitations, and key definitions. It sets the stage for understanding the context and
purpose of the research.

1. Background of the Study

2. Statement of the Problem

3. Objectives of the Study

4. Research Questions/Hypothesis

5. Significance of the Study

6. Limitations of the Study

7. Structure of the Study

8. Operational Definition of Key Terms


Chapter II: Review of Literature and Theoretical Framework


This chapter provides a comprehensive review of existing literature related to cybersecurity threats, focusing
on both global and Nepal-specific contexts. It also presents the theoretical frameworks that underpin the study,
integrating relevant theories to understand ICT in higher education and other sectors.

1. Theoretical Review

2. Integrating Theories for ICT in Higher Education

3. Empirical Review

4. Policy Review

5. Conceptual Framework

6. Implication of the Study

7. Research Gap

Chapter III: Research Methodology


This chapter outlines the research design and methodology used to conduct the study. It includes the rationale
for site selection, sampling procedures, data sources, data collection tools and techniques, methods for data
interpretation and analysis, ethical considerations, and measures for ensuring validity and reliability.

1. Research Design

2. Rationale of the Site Selection

3. Universal and Sampling Procedure

4. Source and Nature of Data

5. Data Collection Tools and Techniques

6. Data Interpretation and Analysis

7. Ethical Considerations

8. Validity and Reliability

Chapter IV: Data Analysis and Interpretation


In this chapter, the collected data is analyzed and interpreted to answer the research questions. The analysis
includes both quantitative and qualitative data, providing a detailed examination of the types and frequency of
cyber threats, vulnerabilities, the effectiveness of current measures, and other relevant findings.

1. Descriptive Statistics

2. Analysis of Cyber Threat Types and Frequency

3. Identification of Key Vulnerabilities

4. Evaluation of Cybersecurity Policies and Measures

5. Assessment of Cybersecurity Awareness and Education

6. Economic Impact Analysis

7. Challenges in Law Enforcement and International Cooperation


Chapter V: Conclusions and Recommendations


The final chapter summarizes the key findings of the study and presents conclusions based on the data
analysis. It provides practical recommendations for enhancing cybersecurity in Nepal, addressing the identified
vulnerabilities, improving policies, and promoting awareness. This chapter also discusses the implications for
future research and practice.

1. Summary of Key Findings

2. Conclusions

3. Recommendations for Policymakers

4. Recommendations for IT Professionals and Organizations

5. Recommendations for Enhancing Cybersecurity Awareness

6. Implications for Future Research

7. Final Remarks

This structured approach ensures a comprehensive exploration of the cybersecurity landscape in Nepal,
providing valuable insights and practical recommendations to various stakeholders involved in safeguarding
digital infrastructure.

Operational Definition of Key Terms


Cybersecurity:
The practice of protecting systems, networks, and programs from digital attacks. This involves implementing
measures to defend against unauthorized access, attacks, damage, and data breaches, ensuring the integrity,
confidentiality, and availability of information.

ICT (Information and Communication Technology):


A broad term encompassing all technologies used to handle telecommunications, broadcast media, intelligent
building management systems, audiovisual processing and transmission systems, and network-based control
and monitoring functions. ICT integrates computing, networking, and telecommunications technologies to
facilitate the management and dissemination of information.

Malware:
Malicious software designed to cause damage to a computer, server, or computer network. Malware can take
various forms, including viruses, worms, trojans, spyware, adware, and ransomware, each with different
methods of infiltration and harm.

Phishing:
A type of cyber attack that uses disguised emails or other communication methods as a weapon. The attacker
masquerades as a trustworthy entity to deceive individuals into providing sensitive information such as
usernames, passwords, and credit card details.

Ransomware:
A type of malicious software designed to block access to a computer system or encrypt data until a sum of
money is paid. Ransomware attacks typically demand payment from the victim to regain access to their data or
system, often threatening to publish or delete the data if the ransom is not paid.


CHAPTER II: Review of Literature and Theoretical Framework

Theoretical Review
This section explores various theories related to cybersecurity, providing a foundation for understanding the
multi-faceted approach required to combat cyber threats. The theories discussed include the General Theory of
Cybersecurity, the Defense in Depth strategy, and the Cyber Kill Chain model.

1. General Theory of Cybersecurity


The General Theory of Cybersecurity encompasses the fundamental principles and concepts that underlie the
protection of information systems from cyber threats. It addresses the essential aspects of confidentiality,
integrity, and availability (CIA) of data, forming the core objectives of cybersecurity efforts.

• Confidentiality: Ensuring that sensitive information is accessible only to those authorized to access
it.

• Integrity: Maintaining the accuracy and reliability of data and systems, ensuring that information is
not altered or tampered with by unauthorized individuals.

• Availability: Ensuring that information and systems are accessible and usable by authorized users
when needed.

The General Theory of Cybersecurity also emphasizes the importance of risk management, including the
identification, assessment, and mitigation of potential risks to information systems. It integrates various
security measures, such as access controls, encryption, and incident response, to provide a comprehensive
approach to protecting digital assets.

2. Defense in Depth Strategy


Defense in Depth is a comprehensive and multi-layered approach to cybersecurity, which aims to provide
multiple layers of defense to protect information systems from attacks. This strategy acknowledges that no
single security measure can provide complete protection, and therefore, multiple overlapping defenses are
necessary to mitigate risks effectively.

Key components of the Defense in Depth strategy include:

• Physical Security: Protecting the physical components of information systems, such as servers and
data centers, from unauthorized access and environmental hazards.

• Technical Security: Implementing technological measures such as firewalls, intrusion
detection/prevention systems (IDS/IPS), and anti-malware software to protect against cyber threats.

• Administrative Security: Establishing policies, procedures, and training programs to ensure that
individuals within the organization understand their roles and responsibilities in maintaining security.

• Network Security: Securing the network infrastructure through segmentation, access controls, and
monitoring to prevent unauthorized access and detect malicious activities.

• Endpoint Security: Protecting individual devices, such as computers and mobile devices, through
measures like anti-virus software, encryption, and patch management.

• Data Security: Ensuring the protection of data through encryption, access controls, and backup
solutions to prevent data breaches and ensure data integrity.

Defense in Depth is based on the principle of redundancy, where each layer of defense compensates for the
potential weaknesses of other layers, creating a robust security posture.

3. Cyber Kill Chain Model


The Cyber Kill Chain model, developed by Lockheed Martin, is a framework that describes the stages of a cyber
attack, from initial reconnaissance to the final exfiltration of data. Understanding these stages helps
organizations identify and disrupt cyber attacks at various points in the attack lifecycle.

The stages of the Cyber Kill Chain include:


• Reconnaissance: The attacker gathers information about the target organization, identifying
potential vulnerabilities and entry points.

• Weaponization: The attacker creates a malicious payload, such as malware or exploit code, tailored
to exploit the identified vulnerabilities.

• Delivery: The attacker transmits the malicious payload to the target, often through methods like
phishing emails, drive-by downloads, or removable media.

• Exploitation: The malicious payload exploits a vulnerability in the target system, allowing the
attacker to gain initial access.

• Installation: The attacker installs additional malware or tools to establish a foothold and maintain
access to the compromised system.

• Command and Control (C2): The attacker establishes communication with the compromised
system, allowing them to control it remotely and execute further actions.

• Actions on Objectives: The attacker achieves their objectives, which may include data exfiltration,
destruction of data, or disruption of services.

By mapping out the stages of an attack, the Cyber Kill Chain model provides a structured approach to
understanding and defending against cyber threats. Organizations can use this model to implement specific
security measures and detection capabilities at each stage, enhancing their ability to prevent, detect, and
respond to attacks.

Integrating Theories for ICT in Higher Education


In this section, we analyze how established cybersecurity theories apply within the context of higher education
in Nepal. We examine case studies and previous research to understand the unique challenges faced by
educational institutions and explore how these theories can be integrated to enhance cybersecurity practices.

Cybersecurity Theories in Higher Education

1. General Theory of Cybersecurity in Higher Education


The General Theory of Cybersecurity, emphasizing confidentiality, integrity, and availability (CIA), is particularly
relevant in the higher education sector. Educational institutions handle a vast amount of sensitive data,
including personal information of students and staff, research data, and intellectual property. Ensuring the CIA
of this data is crucial.

• Confidentiality: Universities must protect sensitive student and staff data from unauthorized access.
This includes implementing access controls and encryption mechanisms.

• Integrity: Maintaining the accuracy and reliability of academic records and research data is essential.
Institutions should deploy measures such as data validation and secure backup systems.

• Availability: Ensuring that educational resources and data are accessible to authorized users when
needed. This involves robust network infrastructure and reliable disaster recovery plans.

By applying the General Theory of Cybersecurity, higher education institutions can establish a foundational
security posture that protects critical data and systems.

2. Defense in Depth Strategy in Higher Education


The Defense in Depth strategy is highly applicable to the multi-faceted environment of higher education
institutions, which often have diverse and open IT ecosystems.

• Physical Security: Universities must secure physical access to data centers, laboratories, and
administrative offices. This can include surveillance systems and access control mechanisms.

• Technical Security: Implementing firewalls, intrusion detection/prevention systems (IDS/IPS), and
anti-malware solutions to protect the campus network and endpoint devices.


• Administrative Security: Developing comprehensive security policies and conducting regular
training programs for students, faculty, and staff to foster a culture of cybersecurity awareness.

• Network Security: Segmenting networks to separate academic, administrative, and research
networks, and using network monitoring tools to detect and respond to threats.

• Endpoint Security: Ensuring that all devices, including student laptops and faculty computers, are
protected with updated antivirus software, encryption, and regular patching.

• Data Security: Employing data encryption, access controls, and secure backup solutions to protect
sensitive information and ensure its integrity and availability.

By implementing a Defense in Depth approach, universities can create multiple layers of defense that
collectively provide a robust security posture against various cyber threats.

3. Cyber Kill Chain Model in Higher Education


The Cyber Kill Chain model helps universities understand and defend against the stages of a cyber attack.
Educational institutions can implement security measures at each stage to detect, prevent, and respond to
attacks.

• Reconnaissance: Universities can deploy threat intelligence and monitoring tools to identify and
mitigate reconnaissance activities by potential attackers.

• Weaponization: By staying updated on the latest threats and vulnerabilities, institutions can
anticipate and defend against specific types of malware or exploit tools that may be weaponized
against them.

• Delivery: Implementing email filtering, web filtering, and endpoint security solutions can prevent the
delivery of malicious payloads to the institution's network.

• Exploitation: Regularly updating and patching software and systems reduces the risk of exploitation
of known vulnerabilities.

• Installation: Using endpoint detection and response (EDR) tools can help detect and block the
installation of additional malicious software.

• Command and Control (C2): Network monitoring and anomaly detection tools can identify and
disrupt command and control communications from compromised systems.

• Actions on Objectives: Implementing strong data protection measures, such as encryption and
access controls, can mitigate the impact of any final objectives attackers may have, such as data
exfiltration or destruction.

Using the Cyber Kill Chain model, universities can develop targeted strategies to defend against each stage of
a cyber attack, enhancing their overall security posture.
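
The stage-by-stage mapping above can be turned into a check on a campus's own alert data. The following is an added example, not part of the original proposal: it tags constructed log lines with their Kill Chain stage, rebuilds a per-host timeline, and reports where each chain was stopped and which stages had no visibility. The sensor names, host names, log format and log lines are all assumptions made for illustration.

```python
import re
from collections import defaultdict

# The seven stages in the order the section lists them.
STAGES = [
    "Reconnaissance", "Weaponization", "Delivery", "Exploitation",
    "Installation", "Command and Control", "Actions on Objectives",
]

# Assumption: hypothetical sensor names, each tied to the stage whose
# control the section names (threat intelligence, email/web filtering,
# EDR, network monitoring, access controls).
SENSOR_STAGE = {
    "threat_intel": "Reconnaissance",
    "mail_filter": "Delivery",
    "web_filter": "Delivery",
    "edr": "Installation",
    "net_monitor": "Command and Control",
    "access_log": "Actions on Objectives",
}

# Constructed sample log (not real incident data). Two lines are out of
# time order and one is corrupted, as happens when sensors are merged.
LOG = """\
2024-05-02T08:14:03 sensor=threat_intel host=gw-edge action=alert detail=external_port_scan
2024-05-02T09:01:47 sensor=mail_filter host=fac-pc-12 action=block detail=credential_phish_link
2024-05-02T09:02:10 sensor=mail_filter host=stu-lab-07 action=allow detail=credential_phish_link
corrupted line with no fields
2024-05-02T09:41:30 sensor=net_monitor host=stu-lab-07 action=block detail=beacon_to_rare_domain
2024-05-02T09:40:55 sensor=edr host=stu-lab-07 action=alert detail=unsigned_binary_dropped
2024-05-02T10:05:00 sensor=access_log host=lib-kiosk-3 action=alert detail=bulk_record_read
"""

KV = re.compile(r"(\w+)=(\S+)")


def parse_line(line):
    """Return one event as a dict, or None if the line is malformed or
    comes from a sensor that is not mapped to a stage."""
    parts = line.split(None, 1)
    if len(parts) != 2:
        return None
    fields = dict(KV.findall(parts[1]))
    if not {"sensor", "host", "action"} <= fields.keys():
        return None
    stage = SENSOR_STAGE.get(fields["sensor"])
    if stage is None:
        return None
    return {"time": parts[0], "stage": stage, **fields}


def timelines(log):
    """Group events by host and order them by timestamp."""
    per_host = defaultdict(list)
    for line in log.splitlines():
        event = parse_line(line)
        if event:
            per_host[event["host"]].append(event)
    for events in per_host.values():
        events.sort(key=lambda e: e["time"])  # ISO 8601 sorts as text
    return dict(per_host)


def summarize(events):
    """Furthest stage observed, the stage of the first blocking event,
    and stages between first and furthest sighting that no sensor saw."""
    seen = [STAGES.index(e["stage"]) for e in events]
    first, last = min(seen), max(seen)
    stopped = next((e["stage"] for e in events if e["action"] == "block"), None)
    missed = [STAGES[i] for i in range(first + 1, last) if i not in seen]
    return {"furthest": STAGES[last], "stopped_at": stopped, "missed": missed}


def uncovered_stages(sensor_stage=SENSOR_STAGE):
    """Stages for which no sensor reports at all."""
    covered = set(sensor_stage.values())
    return [s for s in STAGES if s not in covered]


def report(log=LOG):
    return {host: summarize(ev) for host, ev in timelines(log).items()}


if __name__ == "__main__":
    for host, summary in report().items():
        print(host, summary)
    print("No sensor for:", uncovered_stages())
```

In the sample, the same phishing message is blocked at Delivery for one host and only stopped at Command and Control for another, and the Exploitation stage appears both as a missed stage in that timeline and as a stage with no sensor.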

Case Studies and Previous Research


To illustrate the application of these theories, we review several case studies and previous research on
cybersecurity in higher education.

Case Study 1: Cyber Attack on a University’s Research Data

In one instance, a university experienced a ransomware attack that targeted its research data. Applying the
Defense in Depth strategy, the university had previously implemented robust backup solutions, enabling them
to restore data without paying the ransom. This case underscores the importance of having multiple layers of
defense and effective incident response plans.

Case Study 2: Phishing Attack on Faculty and Students

Another case study involves a phishing attack where attackers sent fraudulent emails to faculty and students,
attempting to steal login credentials. By applying the Cyber Kill Chain model, the university was able to detect
the phishing emails through email filtering solutions (Delivery stage) and educate users on recognizing
phishing attempts (Reconnaissance stage), significantly reducing the attack’s effectiveness.

Research Findings: Cybersecurity Awareness in Higher Education


Previous research highlights that one of the significant challenges in higher education is the lack of
cybersecurity awareness among students and staff. Studies suggest that incorporating cybersecurity education
into the curriculum and conducting regular training sessions can significantly enhance the institution’s security
posture.

Challenges Faced by Educational Institutions


Educational institutions in Nepal face several unique challenges in implementing effective cybersecurity
measures:

• Resource Constraints: Limited budgets and resources often restrict the ability to invest in advanced
cybersecurity technologies and personnel.

• Open IT Environments: Universities typically have open and collaborative IT environments, making
it difficult to implement stringent security measures without disrupting academic activities.

• Diverse User Base: The presence of a diverse user base, including students, faculty, and
administrative staff, each with varying levels of cybersecurity awareness, adds complexity to
implementing uniform security policies.

By integrating the General Theory of Cybersecurity, the Defense in Depth strategy, and the Cyber Kill Chain
model, educational institutions in Nepal can develop a comprehensive approach to addressing these
challenges. This integration ensures that universities can protect their valuable digital assets, maintain the
integrity of their data, and provide a secure environment for academic and research activities.

Empirical Review
Empirical studies on cyber threats in Nepal and similar contexts provide valuable insights into the dynamics of
cybersecurity in developing nations. This review synthesizes findings from case studies, surveys, and statistical
data to understand the prevailing cyber threat landscape and associated challenges.

1. Cyber Threat Landscape in Nepal


Several empirical studies shed light on the evolving cyber threat landscape in Nepal. Statistical data from the
Nepal Police Cyber Bureau reveals a concerning trend of increasing cybercrime incidents, including phishing
scams, ransomware attacks, and data breaches. Case studies further illustrate specific instances of cyber-
attacks targeting government websites, financial institutions, and individual users. These empirical findings
underscore the urgency of addressing cybersecurity vulnerabilities to safeguard digital assets and protect
against potential economic and social consequences.

2. Cybersecurity Awareness and Preparedness


Surveys conducted by organizations such as the Computer Association of Nepal (CAN) highlight gaps in
cybersecurity awareness and preparedness among Nepalese individuals and organizations. Despite the growing
reliance on digital technologies, many users lack basic knowledge of cybersecurity best practices, making them
susceptible to cyber-attacks. Furthermore, the absence of comprehensive cybersecurity training programs
exacerbates the challenge of building a cyber-resilient society. Empirical evidence underscores the need for
concerted efforts to enhance cybersecurity awareness and education initiatives at both individual and
organizational levels.

3. Impact on Critical Sectors


Empirical studies emphasize the significant impact of cyber threats on critical sectors such as government,
banking, and healthcare in Nepal. Cyber-attacks targeting government websites compromise the integrity of
sensitive information and erode public trust in digital governance systems. Similarly, breaches in the banking
sector pose severe financial risks and undermine confidence in the financial ecosystem. Moreover,
vulnerabilities in healthcare systems can jeopardize patient data privacy and disrupt essential healthcare
services. These empirical findings underscore the imperative for sector-specific cybersecurity measures tailored
to mitigate sector-specific risks.

Policy Review
Nepal’s national cybersecurity policies play a crucial role in shaping the country’s cybersecurity posture and
resilience. A comprehensive policy review is essential to evaluate the alignment of Nepal’s cybersecurity
policies with international standards and best practices, identify strengths and weaknesses, and propose
recommendations for policy enhancements.


1. Comparative Analysis with International Standards


A comparative analysis of Nepal’s cybersecurity policies with internationally recognized frameworks such as
the NIST Cybersecurity Framework, ISO/IEC 27001, and the European Union Agency for Cybersecurity (ENISA)
guidelines provides insights into areas of convergence and divergence. This analysis helps identify gaps in
policy coverage, adherence to regulatory requirements, and the adoption of industry best practices.

2. Strengths and Weaknesses Assessment


An assessment of Nepal’s cybersecurity policies enables the identification of strengths and weaknesses in
policy formulation, implementation, and enforcement. Strengths may include clear policy objectives,
stakeholder engagement mechanisms, and provisions for capacity building and international cooperation.
Conversely, weaknesses may manifest as inadequate regulatory frameworks, insufficient resources for
implementation, and limited coordination among relevant stakeholders.

3. Policy Recommendations
Based on the policy review findings, recommendations can be formulated to strengthen Nepal’s cybersecurity
policies. These recommendations may encompass legislative reforms, capacity building initiatives, public-
private partnerships, and international collaboration efforts. By aligning with international standards and best
practices, Nepal can enhance its cybersecurity resilience and effectively mitigate emerging cyber threats.

Conceptual Framework
A conceptual framework provides a structured approach to understanding the complex interplay of factors
influencing cybersecurity in Nepal. This framework delineates key dimensions such as technological,
organizational, regulatory, and socio-economic factors, and elucidates their interconnectedness and impact on
cybersecurity outcomes. By delineating these relationships, the conceptual framework serves as a roadmap for
guiding research methodology and data analysis, facilitating a comprehensive assessment of cybersecurity
challenges and opportunities in Nepal.

Incorporating insights from the empirical review and policy analysis, the conceptual framework will elucidate
the multifaceted nature of cybersecurity in Nepal, guiding the formulation of research hypotheses, data
collection instruments, and analytical frameworks. By adopting a holistic perspective, the conceptual
framework facilitates a nuanced understanding of the contextual nuances shaping cybersecurity dynamics in
Nepal, thereby informing evidence-based policy and practice interventions.

Implication of the Study


The findings of this study hold significant implications for policymakers, IT professionals, and other stakeholders
in Nepal, providing actionable insights to enhance cybersecurity resilience and mitigate emerging cyber
threats.

1. Policymakers:
• Policy Formulation: Policymakers can leverage the study findings to formulate evidence-based
cybersecurity policies that address the specific challenges faced by Nepal. This includes drafting
legislative frameworks, regulatory guidelines, and strategic initiatives to enhance cybersecurity
preparedness across sectors.

• Capacity Building: Recognizing the importance of cybersecurity awareness and education,
policymakers can allocate resources for capacity building programs aimed at raising awareness among
government officials, private sector stakeholders, and the general populace.

• International Cooperation: The study underscores the importance of international cooperation in
combating transnational cyber threats. Policymakers can use the findings to strengthen bilateral and
multilateral partnerships for information sharing, capacity building, and joint cyber exercises.

2. IT Professionals:
• Technical Solutions: IT professionals can utilize the study findings to implement technical solutions
and best practices to mitigate cyber threats. This includes deploying robust cybersecurity measures
such as firewalls, intrusion detection systems, encryption, and secure authentication mechanisms.

• Incident Response: By understanding the prevalent cyber threats and attack vectors identified in
the study, IT professionals can develop and refine incident response plans to effectively detect,
contain, and mitigate cyber incidents.

• Training and Awareness: The study highlights the importance of cybersecurity training and
awareness programs. IT professionals can leverage the findings to develop tailored training modules
and awareness campaigns to educate users about cybersecurity risks and best practices.


3. Other Stakeholders:
• Academic Institutions: Academic institutions can incorporate the study findings into their
curriculum to provide students with relevant knowledge and skills in cybersecurity. This prepares the
next generation of cybersecurity professionals to address emerging challenges effectively.

• Private Sector: Private sector organizations can use the study findings to assess their cybersecurity
posture and implement necessary measures to safeguard their digital assets. This includes conducting
risk assessments, adopting cybersecurity frameworks, and investing in cybersecurity technologies and
services.

• Civil Society and Media: Civil society organizations and media outlets can leverage the study
findings to raise awareness about cybersecurity issues among the general public. By disseminating
information through various channels, they can empower individuals to protect themselves against
cyber threats and advocate for stronger cybersecurity measures.

Research Gap
Despite growing recognition of the importance of cybersecurity in Nepal, there exist significant gaps in the
existing literature and research, which this study aims to address:

1. Limited Empirical Research: Existing empirical studies on cybersecurity threats in Nepal are relatively
scarce, with a focus on anecdotal evidence rather than systematic analysis. This study seeks to fill this gap by
providing a comprehensive empirical review of cyber threats, based on case studies, surveys, and statistical
data.

2. Policy Evaluation: While Nepal has made efforts to develop cybersecurity policies, there is a lack of
comprehensive evaluation of their effectiveness and alignment with international standards. This study aims to
conduct a rigorous policy review to identify strengths, weaknesses, and areas for improvement in Nepal's
cybersecurity policies.

3. Conceptual Framework: There is a need for a conceptual framework that elucidates the multifaceted
nature of cybersecurity in Nepal, guiding research methodology and data analysis. This study proposes to
develop a conceptual framework that integrates technological, organizational, regulatory, and socio-economic
factors influencing cybersecurity outcomes in Nepal.

4. Practical Implications: Despite growing awareness of cybersecurity risks, there is limited guidance on
practical implications for policymakers, IT professionals, and other stakeholders. This study aims to bridge this
gap by providing actionable insights and recommendations based on empirical evidence and policy analysis.

By addressing these research gaps, this study contributes to the advancement of knowledge and practice in
cybersecurity, enhancing Nepal's cybersecurity resilience and fostering a safer digital environment for its
citizens and organizations.

CHAPTER III: Research Methodology


Research Design
The research design for this study adopts a mixed-methods approach, integrating both qualitative and
quantitative methodologies. This approach enables a comprehensive exploration of cybersecurity threats in
Nepal, incorporating diverse perspectives and capturing nuanced insights.


Rationale: A mixed-methods approach allows for triangulation of data from multiple sources, enhancing the
validity and reliability of the study findings. Qualitative methods provide in-depth understanding and context,
while quantitative methods enable statistical analysis and generalization of results.

Rationale of the Site Selection


The sites selected for this study include a range of institutions, organizations, and sectors relevant to
cybersecurity in Nepal. These sites were chosen based on their significance in the Nepalese context and their
potential to provide valuable insights into cybersecurity challenges and practices.

Rationale: By selecting diverse sites, including government agencies, financial institutions, educational
institutions, and healthcare organizations, the study aims to capture the breadth of cybersecurity issues across
different sectors and stakeholder groups in Nepal.

Universal and Sampling Procedure


The population of the study comprises stakeholders involved in cybersecurity in Nepal, including government
officials, IT professionals, cybersecurity experts, academic researchers, and representatives from private sector
organizations.

Sampling Method: The study employs purposive sampling to select participants who possess relevant
expertise and experience in cybersecurity. Key informants will be identified through professional networks,
organizational contacts, and snowball sampling techniques.

Source and Nature of Data


The study utilizes both primary and secondary data sources:

1. Primary Data: Primary data will be collected through semi-structured interviews, surveys, and focus
group discussions with key stakeholders. This data will provide firsthand insights into cybersecurity
challenges, practices, and perceptions in Nepal.

2. Secondary Data: Secondary data sources include academic literature, government reports,
cybersecurity incident databases, and policy documents. These sources offer contextual background
information and supplement primary data analysis.

Data Collection Tools and Techniques


Data collection will involve the following tools and techniques:

1. Semi-Structured Interviews: In-depth interviews will be conducted with key informants to explore
their perspectives on cybersecurity issues, challenges, and best practices.

2. Surveys: A structured survey questionnaire will be administered to a wider sample of stakeholders to
gather quantitative data on cybersecurity knowledge, attitudes, and practices.

3. Focus Group Discussions: Focus group discussions will facilitate interactive dialogue among
participants, enabling deeper exploration of specific cybersecurity topics and generating diverse
viewpoints.

Data Interpretation and Analysis


Data interpretation and analysis will involve the following steps:

1. Qualitative Analysis: Qualitative data from interviews and focus group discussions will be analyzed
thematically using qualitative analysis software. Themes and patterns will be identified, and rich
descriptive narratives will be developed.

2. Quantitative Analysis: Quantitative survey data will be analyzed using statistical software to
generate descriptive statistics, inferential analyses, and correlations between variables.

Ethical Considerations
Ethical considerations for the study include:

• Informed Consent: Participants will be provided with informed consent forms detailing the study's
purpose, procedures, and voluntary participation.


• Confidentiality: Measures will be taken to ensure the anonymity and confidentiality of participants'
responses, with data stored securely and access restricted to authorized researchers.

• Data Security: Data will be securely stored and transmitted, with encryption and password
protection measures implemented to prevent unauthorized access.

Validity and Reliability


To ensure validity and reliability:

• Triangulation: Data triangulation will be employed to corroborate findings from multiple sources,
enhancing the validity of the study.

• Peer Review: The study's methodology and findings will undergo peer review by experts in the field
to assess validity and reliability.

• Pilot Testing: Data collection tools will be pilot tested to assess clarity, comprehensibility, and
relevance before full-scale implementation.

By adhering to rigorous research methodologies and ethical standards, this study aims to generate robust and
credible findings on cybersecurity threats in Nepal, contributing to knowledge advancement and informed
decision-making in the field.
