Justicia Shipena
More than 535 000 cyber vulnerabilities were recorded in Namibia between October and December 2025.
The findings come from the Namibia Cyber Security Incident Response Team (Nam-CSIRT), which also detected 195 661 cyber events during the same period.
The report, compiled under the Communications Regulatory Authority of Namibia (Cran), shows that weaknesses in systems remain widespread.
Cran’s executive for communication and consumer relations, Mufaro Nesongano, said the findings point to the need for stronger protection.
“Cybersecurity is a shared responsibility. Incidents such as this serve as an important reminder for organisations across all sectors to strengthen their cyber resilience and remain vigilant against evolving digital threats,” he said.
The report shows a slight decline in vulnerabilities compared to the previous quarter.
Most of the risks are linked to outdated systems and poor configuration.
These gaps allow attackers to gain access to networks.
Nam-CSIRT also reported new ransomware threats targeting organisations.
One group, Genesis, moves through systems and encrypts data.
Another group, Benzona, locks systems, steals data and demands payment within 72 hours.
The report also highlights an increase in phishing and online fraud.
Attackers are using fake websites to trick users into sharing personal information.
Nesongano said these attacks are causing financial losses and disrupting services.
Nam-CSIRT advised users to verify website addresses, avoid suspicious links and use multi-factor authentication.
It warned that cyber incidents can affect essential services and economic activity.
“Incidents affecting critical systems can disrupt essential services and economic activity,” Nesongano said.
The report comes as the Namibia Airports Company (NAC) was hacked on Monday.
The breach was detected after disruptions were noticed.
The company activated its response systems and contained the incident.
Work is ongoing to restore systems and identify the source of the attack.
Nam-CSIRT said it is working with the company to strengthen security.
“Cybersecurity is a shared responsibility. Incidents such as this serve as an important reminder for organisations across all sectors to strengthen their cyber resilience and remain vigilant against evolving digital threats,” Nesongano added.
Recent data shows cyber threats have been rising.
Between January and June 2025, Namibia recorded more than 1.1 million cyber threats and nearly one million system vulnerabilities.
In October last year, information and communication technology minister Emma Theofelus disclosed this data and stated that no system is completely immune to attacks.
In the same month, the Namibia Students Financial Assistance Fund (NSFAF) reported a data breach.
Personal information of more than 7 000 students was exposed online.
Nam-CSIRT confirmed the breach and said the data had been published.
The cyber threats come as the Ministry of Information and Communication Technology is working on a data protection bill.
The bill aims to protect personal information and improve trust in digital systems.
Concerns over system security have also been raised by independent experts.
Some government websites were found to be using outdated technology, which raises concerns about their vulnerability to cyberattacks and the potential for data breaches.
In December 2024, Telecom Namibia was hit by a ransomware attack.
The group behind the attack leaked customer data after the company refused to pay.
