Bhutan joins global fight against cybercrime through national cybersecurity strategy

Last Updated on November 10, 2024 5:19 am

Bhutan Computer Incident Response Team has recorded over 100 scam cases in recent years, with some falling victim to financial losses, defamation, and extortion.

This is according to the National Cybersecurity Strategy 2024-2029.

As the country embraces digital transformation and shifts more services online, the rapid adoption of technology has also heightened its vulnerability to cyber threats.

The National Cybersecurity Strategy 2024-2029 highlights that Bhutan’s geographical proximity to South Asia—a region with high cybercrime activity—exposes it to regional threats.

Cybercriminals in South Asia often operate across borders, exploiting shared languages, cultural similarities, and interconnected infrastructure to target multiple countries.

The strategy cites instances where Bhutanese citizens have fallen victim to scams and fraud originating from neighbouring regions.

Hacking groups from neighbouring countries are increasingly targeting businesses and government institutions across South Asia, taking advantage of shared languages, cultural similarities, and interconnected infrastructure.

Targeted attacks on critical information infrastructure have surged in the region, with hacktivist groups motivated by political and religious agendas launching cyberattacks.

Since June last year, India has been particularly affected, experiencing over 750 distributed denial-of-service attacks and more than 70 website defacement incidents. India accounted for 34 percent of these DDoS attacks, the highest in the region.

An analysis by the BitSight Threat Intel platform reveals that Bhutan’s digital infrastructure—particularly government and educational networks—are vulnerable to cyber threats.

Open ports, ineffective patch management, and reliance on outdated systems make Bhutan’s networks attractive targets for cybercriminals.

The financial sector is particularly vulnerable, with online investment scams—especially those related to cryptocurrency—posing a significant risk. In response, the Financial Institution Cyber Response Team was established in 2020 to tackle such threats.

The power sector has also faced cyber incidents, including ransomware attacks and email compromises. While business continuity plans have helped mitigate the impact, the increasing use of digital technologies in the sector underscores the need for stronger cybersecurity measures to prevent service disruptions.

To safeguard Bhutan’s digital infrastructure and economy, the National Cybersecurity Strategy emphasises the need for a comprehensive approach to mitigate cyber threats, foster international collaboration, and establish a secure online environment.

The government aims to elevate cybersecurity to the highest executive levels, ensuring a coordinated and effective response to emerging cyber threats.

The strategy aims to establish a robust cybersecurity framework with clear roles and responsibilities for various stakeholders, including government agencies, private sector organizations, and other key actors.

The European Union Agency for Cybersecurity’s ENISA Threat Landscape Report 2023 identified distributed denial-of-service and ransomware attacks as the most significant cyber threats in the EU from late 2022 through mid-2023.

Other major threats included social engineering, data breaches, information manipulation, supply chain attacks, and malware.

Attackers are increasingly using advanced methods to encrypt data and demand substantial ransom payments, causing severe operational disruptions and financial losses. Notably, ransomware attacks on healthcare facilities increased by 75 percent in 2023 compared to the previous year.

In these attacks, hackers encrypt data and threaten to leak it publicly, pressuring victims to either pay large ransoms or face downtime and reputational damage.

One high-profile case in 2023 involved a U.S. pipeline operator who faced a ransom demand of USD 4.4 million in cryptocurrency, demonstrating the growing financial stakes of cyberattacks.

For many organisations, especially small and medium-sized enterprises, such payments are unaffordable, potentially leading to financial collapse or closure. The ripple effects of these disruptions can impact entire economies and endanger public safety.

Nation-states are now engaged in a digital cold war, using cyber espionage to steal sensitive information from research institutes, government agencies, and critical industries.

Their goal seeks to secure strategic advantages, potentially influencing diplomatic negotiations, exposing vulnerabilities, supporting economic and military power, gaining insights into scientific advancements, and eroding trust between nations.

The strategy document also warns of increasingly sophisticated phishing tactics, social media manipulation, and other social engineering methods that deceive users into revealing confidential information or downloading malware.

These tactics blur the line between reality and deception, making it challenging for users to identify authentic sources.

A cited example is the LinkedIn “Deepfake” CEO Scam in 2023, where hackers used deepfake technology to impersonate a CEO on LinkedIn, tricking employees into transferring funds and causing significant financial losses.

This incident underscores the critical need for vigilance and robust security measures to counter such sophisticated threats.