KATHMANDU, APRIL 21
The National Cyber Security Centre (NCSC) has issued a public advisory warning of a significant rise in ransomware attacks on information technology systems, urging individuals and institutions to take immediate precautions to protect their data.
Ransomware is a form of malicious software that locks or encrypts files and data on computers, mobile phones or other devices, blocking access until a ransom is paid. The NCSC said such attacks have been increasing notably in recent times and that the advisory has been issued to minimise damage to the general public.
The consequences of a ransomware attack can include loss of access to critical data, documents and entire devices, disruption of services provided by organisations and institutions, serious privacy risks if sensitive data is stolen or leaked, and financial losses resulting from ransom demands.
The NCSC identified the most common entry points for ransomware as opening suspicious email attachments such as PDF, Word or ZIP files, clicking on fraudulent links received via social media, SMS or email, downloading executable files from unsafe sources, using pirated or cracked software, failing to regularly update operating systems and software, absence of antivirus protection, and use of unsecured networks or external storage devices.
To guard against attacks, the centre advised users to verify the authenticity of email senders before opening any links or attachments from unknown sources, download software and applications only from official stores such as Google Play, Apple App Store or Microsoft Store, avoid unlicensed software and keep systems regularly updated with proper antivirus protection, maintain regular data backups stored on both cloud and offline storage, strengthen network security, and use USB and external devices with caution after verifying they are free of malware.
In the event of an attack, the NCSC advised users to immediately disconnect the affected device from the internet and all networks to prevent the malware from spreading, change passwords for email, system logins and other accounts without delay, refrain from paying the demanded ransom as payment does not guarantee data recovery and encourages further attacks, attempt system restoration from backups, report the incident with full details to the Nepal Police Cyber Bureau and inform the NCSC, and preserve all evidence including ransom notes, screen messages and log files.
