Paratus Namibia's building. On the morning of February 13, 2025, Paratus Namibia fell victim to a sophisticated cyber attack, t...
 |
| Paratus Namibia's building. |
What Happened?
In the early hours of Wednesday, the internal IT teams detected unusual activity across the company systems. Recognizing the potential threat, Paratus Namibia immediately activated the incident response protocols. This included isolating the affected environment, removing VPN access, and securing all impacted systems—particularly our voice (083) services and certain cloud-hosted environments. These actions were critical in containing the threat and minimizing further disruption to our operations and services.
The Response
Understanding the gravity of the situation, the company enlisted the support of top-tier international cybersecurity experts, who joined the team on-site the following day. Together with the cybersecurity experts they employed some methodologies to restore the company's infrastructure and data. This process involves a rigorous, step-by-step review of each affected system and platform to ensure both integrity and security at every stage.
The company is aware of the importance of the customers' data and sincerely regrets any inconvenience this incident may have caused. While the attack primarily affected internal operational files related to Paratus systems, the experts are investigating further to determine the full extent of any data compromise. ''We are working closely with affected customers, keeping them informed and offering dedicated support channels for follow-ups''.
Cyber Architecture
In the wake of this incident, Paratus Namibia has made significant additional investments in advanced cybersecurity solutions. These measures reflect the company's proactive and continuous approach to enhancing its cybersecurity posture. ''Our teams have been working tirelessly around the clock, and we are pleased to report considerable progress in our recovery efforts''.
As a publicly traded company, Paratus Namibia utilized the SENS platform to ensure timely and equitable dissemination of potentially sensitive information. ''We believe in addressing this incident transparently and effectively, and our commitment to a full resolution remains steadfast.'' Andrew Hall asserted.
''We will continue to provide updates as more information becomes available and as we make further progress in our recovery and investigation''. ''The trust placed in us by our customers and partners is invaluable, and we remain dedicated to restoring services, safeguarding data, and reinforcing our defenses to prevent future incidents.''
''At Paratus Namibia, we are committed to learning from this experience and emerging stronger.'' ''Cybersecurity is an ongoing battle, and we are taking every necessary step to ensure that our systems are more resilient than ever.''
In December 2024, Telecom Namibia experienced a significant cyberattack orchestrated by the ransomware group Hunters International. The attackers exfiltrated approximately 626.3GB of data, encompassing 492,633 files that included sensitive customer information such as identification documents, addresses, and banking details. Following the company's refusal to meet the ransom demands, the compromised data was leaked and began circulating on social media platforms.
The Communications Regulatory Authority of Namibia (CRAN), through its Namibia Cyber Security Incident Response Team (NAM-CSIRT), promptly responded upon identifying the attack. CRAN's Chief Executive Officer, Emilia Nghikembua, emphasized the critical importance of robust cybersecurity measures to safeguard critical infrastructure and consumer data. She stated, "We take cybersecurity very seriously, particularly incidents that affect critical infrastructure and consumer data."
These incidents on Namibian companies underscore the escalating threat of cyberattacks in Namibia. In 2022 alone, the country faced approximately 2.7 million cyberattacks, averaging over 7,000 attacks daily. The Telecom Namibia breach has likely heightened the nation's visibility among global hacker groups, potentially increasing the risk of future attacks.
In response to the breach, NAM-CSIRT has been actively engaged with Telecom Namibia to assess the impact and implement necessary containment measures. Organizations are advised to bolster their cybersecurity posture by implementing multifactor authentication, conducting regular vulnerability scans, ensuring timely software updates, and establishing robust network segmentation.
This event serves as a stark reminder of the necessity for heightened vigilance and proactive cybersecurity strategies to protect sensitive data and maintain public trust in the digital age.