Cyberattacks 2024: Namibia under siege
OPM says no leaks at government level
The regulator has urged organisations to segment their networks to curb ransomware attacks.
The Namibian cybersecurity landscape witnessed a significant increase in cyberattacks in 2024, with over two million cyber vulnerabilities and 1.1 million cyber incidents recorded between January and September, an official report by the Communications Regulatory Authority of Namibia (CRAN) indicates.
These statistics are contained in a CRAN overview report on the domestic cyberspace that was published in October, in which the regulator also urged companies to segment their networks in order to curb ransomware.
Cybersecurity vulnerabilities are weaknesses found within information systems, security procedures or internal controls that threat actors can exploit.
Experts believe that a lack of qualified professionals and the absence of legislation to regulate cyber activities are key contributing factors to the situation Namibia finds itself in.
'Brute force'
CRAN's report noted that the authority has “witnessed a significant increase" in cyberattacks.
“The brute force event incidents significantly increased in the months of March to June with a record of 14 903 in March and 18 123 in June compared to an average of 2 227 records of the past months,” CRAN’s executive for engineering and technical services Ronel Le Grange said in the report.
She added: “Suspicious transactions as identified through network telescopes skyrocketed in the month of June with records of 414 106 in comparison to the 25 898 in May.”
Le Grange said two ransomware incidents were recorded in May and June.
In the report, organisations were urged to implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented and secure location.
The report was issued less than two months before Telecom Namibia fell prey to a ransomware attack on 13 December, which led to some customers’ data being leaked on the dark web. Telecom said the data leakage incident was a cybercrime attack by Hunters International.
Nothing leaked
In an attempt to allay public fear yesterday, executive director in the Office of the Prime Minister I-Ben Nashandi assured the nation that, at the government level, apart from compromised information from the health and social services ministry, no personal data has been leaked from the government data centre.
"The data that sits with the government is safe," he said, adding that government regularly updates its cybersecurity framework, with the last one done this past September.
He further assured the nation that as a measure of data protection, the government has isolated the system that was compromised.
Access blocked
The health ministry's executive director, Ben Nangombe, said the compromised data was sourced from the Pharmaceutical Management Information Dashboard.
According to Nangombe, the system contains information on medical supply stock levels, the number of patients enrolled for health services and related operational data, rather than individual patient health records.
“This data is not identifiable; no names or personal information of patients are attached to it. [As a] matter of fact, the only identifiable details are the email addresses and contact numbers of the medical staff who have access to this information," he said.
Nangombe said the ministry’s cybersecurity team acted promptly once they were notified of the breach by manually disconnecting the dashboard server from the internet and blocking access entirely.
He added that during the breach, access was not denied to the ministry, as both the ministry and the hackers had simultaneous access to the system.
“We are unable to say if the information was downloaded entirely, but it has now been moved to a newer, safer server,” Nangombe confirmed.
These statistics are contained in a CRAN overview report on the domestic cyberspace that was published in October, in which the regulator also urged companies to segment their networks in order to curb ransomware.
Cybersecurity vulnerabilities are weaknesses found within information systems, security procedures or internal controls that threat actors can exploit.
Experts believe that a lack of qualified professionals and the absence of legislation to regulate cyber activities are key contributing factors to the situation Namibia finds itself in.
'Brute force'
CRAN's report noted that the authority has “witnessed a significant increase" in cyberattacks.
“The brute force event incidents significantly increased in the months of March to June with a record of 14 903 in March and 18 123 in June compared to an average of 2 227 records of the past months,” CRAN’s executive for engineering and technical services Ronel Le Grange said in the report.
She added: “Suspicious transactions as identified through network telescopes skyrocketed in the month of June with records of 414 106 in comparison to the 25 898 in May.”
Le Grange said two ransomware incidents were recorded in May and June.
In the report, organisations were urged to implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented and secure location.
The report was issued less than two months before Telecom Namibia fell prey to a ransomware attack on 13 December, which led to some customers’ data being leaked on the dark web. Telecom said the data leakage incident was a cybercrime attack by Hunters International.
Nothing leaked
In an attempt to allay public fear yesterday, executive director in the Office of the Prime Minister I-Ben Nashandi assured the nation that, at the government level, apart from compromised information from the health and social services ministry, no personal data has been leaked from the government data centre.
"The data that sits with the government is safe," he said, adding that government regularly updates its cybersecurity framework, with the last one done this past September.
He further assured the nation that as a measure of data protection, the government has isolated the system that was compromised.
Access blocked
The health ministry's executive director, Ben Nangombe, said the compromised data was sourced from the Pharmaceutical Management Information Dashboard.
According to Nangombe, the system contains information on medical supply stock levels, the number of patients enrolled for health services and related operational data, rather than individual patient health records.
“This data is not identifiable; no names or personal information of patients are attached to it. [As a] matter of fact, the only identifiable details are the email addresses and contact numbers of the medical staff who have access to this information," he said.
Nangombe said the ministry’s cybersecurity team acted promptly once they were notified of the breach by manually disconnecting the dashboard server from the internet and blocking access entirely.
He added that during the breach, access was not denied to the ministry, as both the ministry and the hackers had simultaneous access to the system.
“We are unable to say if the information was downloaded entirely, but it has now been moved to a newer, safer server,” Nangombe confirmed.
Comments
Namibian Sun
No comments have been left on this article