Why are Nepali web sites being hackers’ target? – Part 1

By: Kumu Khanal

In recent days there have been a lot of reports of hackers taking control of Nepali websites. I would like to discuss why are they targeting Nepali websites.

Why do hackers hack? Hackers mainly are of three types: hardcore criminal hackers, criminal hackers and non-criminal hackers. Hardcore criminal hackers are after money. They are constantly seeking money and materials that can be sold to a third party. Personal information like identity, credit cards can be sold over internet. Software, documents, movies, music can also be sold offline or online. They can use all kinds of tools like spywares, trojan horse, phishing and so on.   

Other criminal hackers steal materials for their own use or share with their friends like photos, movies, music, and documents. On the other hand, non-criminal hackers might be learning hacking on their way to become criminal hackers or stopping them.

Some do hacking for recognition, fun, show-off their skills, or just to learn how it is done. There are others who hack for vengeance. Some good hackers hack to exploit vulnerability and warn the websites owners (too bad, there are not many good hackers!).

Why Nepali websites? I don’t think Nepali websites attract the hardcore criminal hackers as they have nothing to get from the sites or the visitors to the sites. People in Nepal rarely do financial transactions online. Online banking is also available only on a selected few banks; that too with very limited banking options. Due to unreliable power supply, internet use in our daily needs is still a luxury that we can’t afford. So, the hackers we are facing in Nepali websites should mostly be non-criminal hackers in their learning stage.

Does that mean we don’t need to worry? No, hackers cause financial damage in terms of downtime and loss of data. Sites also loose their credibility. Nobody would like to visit a site that is hacked or has higher potential to be hacked.

Hacker Cost: In 1995, when, we in Nepal didn’t know what internet was (although, first email service in Nepal started in 1994), hacking cost businesses some $800 million around the world. In another report in 2000 the cost was estimated to be $1.6 trillion in 30 countries. I don’t have the latest estimate but you can guess how the hacker cost should have increased in the past 10 years. Apart from financial loss they can cause mental and psychological damage which can’t be quantified.

But, Nepal is a different case. Our sites may not have that much value and hence hacking impact might be less. But, there hasn’t been any study on hacker cost in Nepalese contest so we can’t be too sure. I strongly believe such a study would benefit both the website creators and their website users. It will also encourage webmasters to adopt security measures in the websites, hence creating peace-of-mind in both visitors and the site owners.

In the next part, I will review some of the hacked websites and their user bases in terms of publically available web monitoring tools like Alexa.

To be continued …