The Namibia Cyber Security Incident Response Team (NAM-CSIRT), under the Communications Regulatory Authority of Namibia (CRAN), has warned of escalating cyber threats following a major security breach at Paratus Namibia Holdings Ltd.
The cyberattack, reported on 19 February 2025, was classified as a Level 3 incident due to its significant impact on the telecommunications sector.
The breach was traced to a compromised internal user account, which disrupted Paratus’ 083 voice services and several cloud-hosted systems.
Investigations linked the attack to the Akira ransomware group, which claimed to have accessed over 84GB of sensitive corporate data.
However, no confirmed evidence of data leaks has been reported.
“In light of this incident, NAM-CSIRT urges all organisations to prioritise their cybersecurity measures by implementing multifactor authentication for all accounts, regularly updating and patching systems to protect against known vulnerabilities, conducting routine audits of user accounts and access controls, and maintaining offline backups,” said Mufaro Nesongano, CRAN’s Executive for Communication & Consumer Relations.
He further recommended that businesses invest in advanced cybersecurity solutions such as Extended Detection and Response (XDR), Security Information and Event Management (SIEM), and Security Operations Center (SOC) functions to improve the detection and monitoring of cyber threats.
Paratus responded by isolating affected systems, disabling VPN access, and working with international cybersecurity experts to contain the breach. The company also reinforced its security protocols to prevent further attacks.
“Cybersecurity incidents of this nature pose serious challenges not only to affected organisations but also to national infrastructure. We are working closely with Paratus to mitigate the impact and safeguard Namibian citizens’ data,” Nesongano said.
He added that as Namibia continues finalising its Cybercrime and Data Protection Law, NAM-CSIRT remains committed to strengthening national cybersecurity resilience. Organisations are encouraged to report cyber incidents promptly to ensure swift response and containment.
“NAM-CSIRT is dedicated to enhancing cybersecurity resilience across the nation. Our mission is to respond to and mitigate the impact of cybersecurity incidents while fostering collaboration among stakeholders,” he said.
