If you are using a cracked version or pirated software, you could either get your data destroyed or lose your confidential data to unauthorised individuals. Records maintained with the Government Technology Agency or GovTech Agency show that there are at least three cases of ransomware attacks on agencies and a few cases at the individual level annually. To educate about such threats, IT personnel from different agencies including schools took part in the 10th annual Bhutan Network Operators Group or btNOG conference conducted in Paro on Friday.
It was found that many offices in the country use cracked versions of Microsoft Office applications including Microsoft Word. Going by the current practice, agencies and organisations are at risk of data loss and data breach due to ransomware attacks. Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.
“We need to use genuine software on our laptops or desktops, be it Microsoft Word or Microsoft Office or AutoCAD. This is expensive but it is a one-time investment. The other security aspect especially for the network administrators and system, there are certain vulnerable ports, where we need to block them. If the administrator doesn’t block the ports then there are phishing, attackers and hackers coming in,” said Jichen Thinley, Chairperson of btNOG.
“We try to download anything when we are in the office. It can be regulated only if we have an acceptable use policy whereby a user can, at this time, open Gmail only. Or if you are a finance officer, then maybe the e-PEMS, and then for research persons so and so, but not by downloading websites whereby they may illegally download with the use of network bandwidth and along with it, it can also download malicious software,” said Pratima Pradhan from GovTech Agency.
The btNOG has been advocating on securing software while building the capacity of Bhutanese IT professionals. Formed in 2014, it is a voluntary group which provides an educational and operational forum for network operators and interested professionals related to the Internet. It is a part of the Global NOG Alliance.
“We have been explaining on the availability of good open-source firewalls, which can be used for protection. It is not necessary we have to buy the commercial ones. One of the workshop’s objectives is to use these open sources, harden them and use them in our network. That way we achieve the objective of having a secure network, and also not having to pay quite a big sum to commercial vendors,” said Jichen Thinley.
Over 100 participants, mostly IT professionals, participated in a four-day workshop followed by a daylong conference. Professionals including international experts shared their expertise on how to secure networks.
Namgay Wangchuk, Paro
Edited by Kipchu