By: Nghiinomenwa-vali Hangala
549 556 cyber vulnerabilities have been detected across various domains within the Namibian cyber landscape during the quarter 1 period between April and June 2025.
This represented a 1.62% increase from the vulnerabilities detected in the previous period from January to March 2025.
This is according to the Namibia Cyber Security Incident Response Team (NAM-CSIRT) second quarterly report for 2025, highlighting the country’s evolving cybersecurity landscape and renewed commitment to protecting critical information infrastructure.
The NAM-CSIRT is housed at the Communications Regulatory Authority of Namibia (CRAN) and is tasked with protecting the country’s Critical Information Infrastructure (CII).
CII ensures the safety, economic stability and social well-being of citizens through a structured governance framework. NAM-CSIRT is set to function as the national focal point for coordinating cybersecurity incidents and response.
Beyond the 549,556 vulnerabilities in the quarter, 843,490 cyber events were recorded, marking a sharp 224% flow, with non-HTTP sinkhole activity and Botnet infections posing major threats.
According to NAM-CSIRT analyses, the figures underscore the urgency for businesses, institutions, and individuals to strengthen cyber defences and adopt proactive security practices.
Emerging ransomware groups such as World Leaks and DataCarry were identified as pressing global and regional risks, with African organisations increasingly becoming targets. Locally, telegram phishing scams and social-engineering fraud remain prevalent, exploiting public trust and organisational weaknesses.
The cyber response team emphasised the importance of raising awareness, adopting multi-factor authentication, and verifying communications to prevent such attacks. It also highlighted that CII threats are on the rise, both in terms of magnitude and frequency.
The team noted that the impact of security incidents can impede the pursuit of economic activities, generate substantial disruption to critical services, financial losses, undermine public trust and cause significant disruption to the economy.
CIIs are constituents’ assets (real/virtual), networks, systems, processes, information, and functions that are vital to the nation, such that their incapacity or destruction would have a devastating impact on national security, in turn affecting citizens in various manners.
CII may comprise several different structures with essential interdependence and critical information flow between them.
Misconfigured or outdated services form part of the top vulnerabilities in terms of exposure risks.
Open CPE WAN Management Protocol (CWMP) was the most common vulnerability in the quarter, indicating the need to restrict public exposure of management interfaces.
SSL POODLE reflects the use of deprecated encryption, while DNS/SNMP servers and Simple Service Discovery Protocol (SSDP) expose networks to Distributed Denial of Service (DDoS) and data leaks.
The cyber events data revealed that they mostly focused on non-HTTP sinkhole activity (749,669), far surpassing the HTTP events.
A deeper dive shows an increase in Android.badbox2 Botnet infections. Badbox 2.0 is a botnet comprised of backdoor low-cost Android devices, primarily tablets, CTV boxes, digital projectors, and aftermarket vehicle infotainment systems made in mainland China.
DDoS amplification and darknet activity underscore ongoing network exploitation risks. According to CRAN, certain steps have been taken to strengthen the country’s cyber protection efforts, which included the launch of NAM-CSIRT on 14 April 2025 in Windhoek.
“The launch signals CRAN’s dedication to protecting Namibia’s digital landscape from growing cyber threats.
As the nation accelerates digital adoption, the need for a coordinated and professional cybersecurity response has become more urgent after various attacks that highlight the country’s vulnerabilities.
CRAN board chairperson, Tulimevava Mufeti, underscored the global nature of cybercrime and highlighted the importance of a national response, saying “the CSIRT is a strategic initiative that reflects our shared responsibility to protect individuals, businesses, and the government from cyber risks”.
