The Communications Regulatory Authority of Namibia (CRAN) has issued a strong warning regarding cybersecurity attacks following a significant ransomware attack on Telecom Namibia.

This incident, attributed to the Hunters International ransomware group, resulted in the exfiltration of 626 GB of sensitive customer data, including personal information.

The cyberattack was detected on December 11, 2024, with credible threat intelligence confirming the breach.

The attackers have threatened to release the stolen data unless a ransom is paid, prompting immediate action from CRAN and the Namibia Cyber Security Incident Response Team (NAM-CSIRT).

CRAN's Chief Executive Officer, Emilia Nghikembua, and head of NAM-CSIRT, emphasised the necessity for vigilance and proactive measures to protect critical infrastructure and consumer data. 

Nghikembua stated that the incident highlights the need for vigilance and collaboration to mitigate the ever-evolving cyber threats facing the country.

NAM-CSIRT has been actively engaged with Telecom to assess the breach's impact and implement necessary containment measures. 

They have outlined essential steps for organisations to bolster their cybersecurity posture, including implementing multifactor authentication, conducting regular vulnerability scans, ensuring timely software updates, and establishing robust network segmentation.

CRAN also encourages all stakeholders to report any cybersecurity incidents promptly to facilitate effective response efforts.

As CRAN and NAM-CSIRT work diligently to support affected operators, they stress that collective action and adherence to international best practices are crucial in safeguarding national assets against future attacks.