Government issues detailed advisory as ransomware threats rise in Nepal

Kathmandu — The Government of Nepal has issued a comprehensive cyber security advisory warning citizens and institutions about the growing threat of ransomware attacks, as incidents of such cybercrime continue to increase across digital platforms.

The advisory, released by the National Cyber Security Center (NCSC) under the Ministry of Communication and Information Technology, explains that ransomware is a type of malicious software that locks or encrypts files, systems, or entire devices, preventing users from accessing their own data. Attackers then demand a ransom payment in exchange for restoring access.

According to the government, the frequency of ransomware attacks has risen noticeably in recent times, posing serious risks not only to individuals but also to organizations and public institutions. These attacks can block access to critical data, disrupt services, and compromise sensitive information, leading to privacy breaches and financial losses. In some cases, even after paying the ransom, there is no guarantee that the data will be recovered.

The advisory outlines several common ways through which ransomware attacks are carried out. These include opening suspicious email attachments such as PDF, Word, or ZIP files, clicking on unknown or fake links shared via email, SMS, or social media, and downloading executable files (.exe/.apk) from untrusted sources. It also highlights the risks associated with using pirated or cracked software, which may contain hidden malware. Additionally, failure to regularly update operating systems and software, lack of antivirus protection, and the use of unsecured networks or infected external devices like USB drives can further increase vulnerability to such attacks.

To minimize risks, the government has urged users to adopt strong cyber hygiene practices. These include verifying the authenticity of emails, links, and attachments before opening them, downloading applications only from official platforms such as trusted app stores or verified websites, and avoiding unauthorized software. Regular system updates, installation of antivirus and other security tools, and strengthening network security have also been emphasized as essential measures.

The advisory also stresses the importance of maintaining regular data backups. Users are advised to store backups both in cloud systems and offline storage to ensure data recovery in case of an attack. Proper handling and scanning of external devices before use has also been recommended to prevent malware transmission.

In the event of a ransomware attack, immediate action is crucial. The government recommends disconnecting the affected device from the internet or internal network to prevent further spread. Users should promptly change all system and email passwords and avoid paying any ransom, as it may encourage further attacks without guaranteeing data recovery. Restoring systems from secure backups is advised, along with reporting the incident to the Cyber Bureau of Nepal Police and informing the National Cyber Security Center with detailed evidence such as ransom notes, system messages, and log files.

The government has called on all citizens, organizations, and institutions to remain alert and strictly follow the recommended precautions to protect their digital systems and sensitive data from ransomware and other cyber threats.