Cybersecurity in Nepal: Importance, Challenges, and Future in 2025
Comprehensive analysis of Nepal’s cybersecurity landscape with latest threats, statistics, and protection strategies
Introduction
Cybersecurity refers to the practices, technologies, and processes designed to protect computers, networks, programs, and data from unauthorized access, attacks, or damage. In Nepal, as digital adoption accelerates, cybersecurity has become a critical concern in 2025.
With over 30 million internet users and rapid growth in digital financial services, Nepal faces increasing cyber threats that could undermine economic growth, national security, and citizen trust in digital platforms.
Internet Users in Nepal
Over 90% penetration rate
Cybercrime Complaints (2024)
119% increase from 2023
Mobile Banking Users
80% of adult population
The Growing Need for Cybersecurity in Nepal
Increased Internet Usage and Mobile Banking
Nepal’s internet penetration exceeded 90% by mid-2024, with more than 23.7 million mobile banking users and 1.9 million internet banking users. This surge has expanded the attack surface for cybercriminals.
Digital Transformation Post-COVID
The COVID-19 pandemic accelerated digital transformation in Nepal, pushing more government services, education, and commerce online. This shift has increased reliance on digital infrastructure, making cybersecurity indispensable.
Rise in Cybercrime & Online Scams
Cybercrime complaints have surged dramatically. Nepal Police Cyber Bureau reported:
| Year | Complaints | Increase | Top Category |
|---|---|---|---|
| 2022-23 | 9,013 | 40% | Financial Fraud |
| 2023-24 | 19,730 | 119% | Social Media Scams |
| 2024-25 (Q1) | 6,210 | 27% (projected) | Phishing |
Common Cyber Threats Faced in Nepal
Phishing and Email Scams
Phishing remains the most prevalent cyber threat, where attackers impersonate trusted entities to steal credentials or money. Over 2,500 phishing complaints linked to banking fraud were reported in 2023-24.
- Fake Nepal Police investigation notices demanding money
- Bank emails requesting password updates
- eSewa/Khalti payment confirmation scams
- Fake lottery/scholarship winning notifications
Social Media Account Hacking
Social media platforms like Facebook and WhatsApp are primary targets for account hijacking and scams, with thousands of complaints filed in 2024 alone.
Ransomware and Malware Attacks
Although less publicly reported, ransomware and malware attacks threaten Nepal’s critical infrastructure, including banks and government agencies, as evidenced by the 2024 F1Soft breach and NRB data leak.
Government & Bank Website Defacements
Defacement attacks on government and bank websites have been reported, undermining public confidence and disrupting services.
Real Incidents of Cyber Attacks in Nepal
Case Study: Banking Sector Attacks
The 2024 F1Soft digital payment breach resulted in NPR 34.2 million loss due to unauthorized transactions. The Nepal Rastra Bank also suffered a data breach the same year, exposing sensitive financial information.
Attack Vector: SQL injection vulnerability in web application
Impact: 12,500 customer records exposed
Response: Temporary shutdown of services, forensic investigation
Government Website Breaches
Several government websites have been targeted, including a notable 2016 cyberattack on Nepal Rastra Bank compromising millions of NPR.
Recent Incidents:
- 2023: DDoS attack on Government Integrated Data Centre affecting 1,500 websites
- 2024: Defacement of Ministry of Education website during exam season
- 2025: Data leak from National ID database (unconfirmed)
Challenges in Nepal’s Cybersecurity Landscape
Lack of Awareness Among Public
Studies show low cybersecurity awareness among students, teachers, and the general public, with many unaware of basic online safety practices.
- 62% of victims had no cybersecurity training (Cyber Bureau Survey 2024)
- Only 28% of SMEs have cybersecurity policies
- 83% of phishing victims didn’t verify sender authenticity
Limited Skilled Professionals
Nepal faces a shortage of trained cybersecurity experts. The Cyber Bureau is understaffed, with only 28 IT specialists handling thousands of cases.
Weak Infrastructure and Legal Gaps
Outdated IT infrastructure and gaps in cyber laws hinder effective prevention and prosecution of cybercrimes.
- Electronic Transaction Act (2008) lacks provisions for modern threats
- No specific laws for cryptocurrency, deepfakes, or AI crimes
- Low conviction rate (0.5% of complaints result in prosecution)
Steps Taken to Improve Cybersecurity
Role of Nepal Police Cyber Bureau
The Cyber Bureau actively investigates cybercrimes, issues public warnings, and collaborates with international agencies to combat cyber threats.
- Established 24/7 cybercrime hotline (9851245827)
- Launched public awareness campaigns reaching 1.2M people
- Recovered NPR 12.8M in stolen funds
- Blocked 2,100+ fraudulent websites
Cyber Law and Policies
The Government of Nepal has introduced the Nepal Cyber Security Strategy 2022 and is enhancing legal frameworks to address emerging cyber risks.
Private Sector & Ethical Hackers Involvement
Increasing engagement of ethical hackers and private firms supports vulnerability assessments and incident response across sectors.
Want to Start a Career in Cybersecurity?
Nepal’s cybersecurity job market is growing at 16% annually with high demand for skilled professionals.
Explore Training ProgramsHow Individuals Can Protect Themselves
Strong Passwords and 2FA
Use complex passwords and enable two-factor authentication on all accounts to reduce unauthorized access risks.
- Minimum 12 characters with mix of letters, numbers, symbols
- Unique password for each account
- Use password managers like Bitwarden or KeePass
- Enable 2FA via authenticator apps (Google/Microsoft Authenticator)
Recognizing Phishing Attempts
Be cautious of suspicious emails, links, and messages asking for personal or financial information.
Using VPNs and Antivirus
Employ trusted VPN services and keep antivirus software updated to protect devices from malware and data interception.
The Future of Cybersecurity in Nepal
Growing Demand for Ethical Hackers
The cybersecurity job market in Nepal is projected to grow over 16% annually through 2029, with high demand for ethical hackers and security analysts.
Importance of Cybersecurity Education
Expanding cybersecurity education at schools, universities, and professional levels is critical to building a secure digital future.
The Need for National Cyber Strategy
A comprehensive national cyber strategy integrating government, private sector, and civil society efforts is essential to address evolving threats effectively.
Conclusion
Cybersecurity in Nepal is a growing priority amid rapid digitalization and rising cyber threats. While challenges remain, ongoing government initiatives, increased awareness, and workforce development offer hope. Staying informed and vigilant is vital for individuals and institutions alike to secure Nepal’s digital future.
Key Takeaways:
- Cybercrime in Nepal has increased by 10,850% since 2018
- Financial fraud and social media scams dominate cases
- Public awareness and skilled professionals are critically needed
- Legal reforms and infrastructure upgrades are underway
- Cybersecurity careers offer excellent growth potential
Call to action: Stay updated on cybersecurity trends, practice safe online habits, and help spread awareness to build a safer Nepalese cyberspace.
