The Otjiwarongo Municipality in Namibia was struck by a ransomware attack on Wednesday, with early findings indicating data theft and a ransom demand from a group identifying itself as “INC Ransom.”
The incident is being treated as a major cybersecurity breach, and efforts are underway to assess its full impact.
The Namibia Cyber Security Incident Response Team (NAM-CSIRT), operating under the Communications Regulatory Authority of Namibia (CRAN), is leading the investigation.
According to authorities, the attackers may have illegally accessed and extracted sensitive municipal data.
NAM-CSIRT responds swiftly to ransomware threat
NAM-CSIRT became aware of the breach through threat intelligence reports and responded by alerting the municipality and recommending urgent containment steps.
These include isolating the affected systems and conducting data mapping to figure out what may have been compromised.
“Given the sensitivity of the matter, NAM-CSIRT has notified the municipality and recommended immediate containment measures, including data mapping to determine the extent of exposure and the isolation of affected systems,” said CRAN CEO and NAM-CSIRT Head Emilia Nghikembua.
A formal investigation has been launched, but authorities have not disclosed the ransom amount or confirmed whether residents’ personal or financial data were among the stolen files.
Nghikembua emphasised that NAM-CSIRT is committed to transparency and will provide updates as the situation develops without compromising the investigation’s integrity.
Ongoing cybersecurity risks facing Namibia’s public sector
The Otjiwarongo breach is part of a growing trend of cyberattacks targeting Namibian public infrastructure.
In early 2025, Paratus Namibia experienced a cyber incident that disrupted its voice and cloud services.
Before that, in December 2024, Telecom Namibia was attacked by a ransomware group known as Hunters International, which stole over 600 gigabytes of customer data, later leaked online after ransom demands were ignored.
These repeated attacks underscore the increasing cybersecurity risks facing Namibia’s government and businesses.
Experts warn that municipalities and public institutions remain vulnerable due to underinvestment in digital security and a lack of preparedness for modern cyber threats.
The nature of the Otjiwarongo attack, involving a known ransomware gang and suspected data exfiltration, signals that these threats are not only persistent but also growing in sophistication.
Government urged to strengthen cyber defences
As the investigation unfolds, cybersecurity experts are calling for a more coordinated national response to digital threats.
Stronger public-private collaboration, better threat detection systems, and improved training for IT staff are among the steps being recommended.
The government is also being urged to fast-track its cybersecurity legislation and expand support for regional and local entities, which are often the weakest links in the national cyber defense framework.
For now, the Otjiwarongo Municipality is working closely with NAM-CSIRT to secure its systems and determine the full extent of the damage.
Stakeholders and residents await further updates as officials race to contain the breach and prevent similar attacks in the future.