By: Nghilunanye Petrus
Namibia has recorded a drastic surge in cyber threats in early 2025, with over 260,000 cyber events detected between January and March, marking a 314% increase from the last quarter of 2024.
This is according to the inaugural quarterly report by the Namibia Cyber Security Incident Response Team (NAM-CSIRT), released last week.
The report points to an evolving, but increasingly hostile digital landscape.
From deepfake scams and ransomware to sophisticated social engineering attacks, the threats are becoming more diverse, advanced, and harder to detect.
The report also highlights the growing role of artificial intelligence (AI) in cyberattacks.
AI is being used to craft highly convincing phishing emails, generate fake audio and video content, and develop ransomware that adapts in real time.
NAM-CSIRT flagged this as a particular concern for Africa, which has become a prime target for such attacks due to the continent’s expanding digital footprint and uneven cybersecurity infrastructure.
In Namibia, a fake video impersonating a Bank of Namibia official was circulated online to promote a fraudulent investment scheme.
In a separate incident, a local woman lost more than N$800,000 after being manipulated into downloading a remote access tool that gave a scammer control of her device.
Meanwhile, Paratus also confirmed it was targeted in a ransomware attack in the same period, reportedly by the Akira ransomware group.
While no data was leaked, the incident disrupted operations and revealed vulnerabilities in critical infrastructure.
Housed under the Communications Regulatory Authority of Namibia (CRAN), NAM-CSIRT is Namibia’s response to this spike in cyberattacks.
With N$20 million in seed funding allocated by the government, NAM-CSIRT aims to be the country’s digital first responder, coordinating incident reports and fortifying public and private sector networks.
However, experts say more is needed.
“The digital threats Namibia is facing are not hypothetical. They are happening now, and they are hitting our financial institutions, telecoms, and ordinary citizens,” stated Emilia Nghikembua, CRAN CEO and Head of NAM-CSIRT.
Further noting that “effective cybersecurity is not the job of one team. It requires trust, collaboration, and shared responsibility.”
The report urges Namibian companies to exercise caution when dealing with third-party software providers, as attacks targeting supply chains have proven devastating in global cases, such as SolarWinds and CrowdStrike.
NAM-CSIRT also recommends the formation of industry-specific cyber response teams to strengthen coordination and tailor mitigation strategies to each sector’s needs. This call for decentralised vigilance reflects a broader push for capacity building and public awareness.
In addition to tracking threats, NAM-CSIRT detected more than half a million vulnerabilities in the quarter, many caused by outdated or misconfigured services such as open DNS, FTP, Telnet, and obsolete encryption protocols. Open CWMP, a management interface for internet-enabled devices, topped the vulnerability list.
What’s increasingly clear is that Namibia’s digital infrastructure is being stress-tested, noted Emily.
As AI evolves into both a threat and a tool, the country’s cyber resilience will depend on how rapidly it can adapt, invest, and collaborate across sectors.
“The stakes are no longer just about data breaches or IT systems. They’re about the safety, economy, and trust of an entire nation,” Nghikembua warned.
