The most recent African infrastructure provider to be hit by a ransomware attack is Telecom Namibia, stressing the growing cyber threats aimed at the region’s vital infrastructure.
The attack was carried out by the ransomware-as-a-service (RaaS) group Hunters International, and after the company refused to negotiate or pay the demanded ransom, client data was exposed on the dark web.
The breach, which occurred in late 2024, initially appeared to have caused no significant data loss. However, further investigations confirmed that sensitive customer information had been compromised. CEO Stanley Shanapinda addressed the issue in a statement on 16 December, saying that the threat had been contained, and further attacks were prevented.
He noted that the exposed information was leaked after the company chose not to engage with the attackers. Shanapinda assured customers that law enforcement agencies and third-party cybersecurity experts were assisting in the investigation to uncover further details.
Telecom Namibia is not the only critical infrastructure provider in Africa to face a ransomware attack in recent months.
In June 2024, South Africa’s National Health Laboratory Service was targeted by ransomware, causing significant disruptions to healthcare services and wiping out essential backups. The attack took weeks for the government-run network of testing laboratories to recover.
The same ransomware organisation, Hunters International, also exfiltrated over 18GB of data from the Kenyan Urban Roads Authority in July as a result of a compromise. The Nigerian Computer Emergency Response Team also issued warnings last year about the Phobos RaaS group targeting critical cloud services in the country, with at least one successful compromise reported.
According to studies, ransomware accounted for a third of all successful attacks in Africa in 2024. The telecommunications and manufacturing sectors were particularly vulnerable, with each accounting for 10% of the reported incidents.
Cybersecurity experts pointed out that rapid digital transformation, combined with geopolitical tensions and inadequate cybersecurity measures, makes sectors like telecommunications prime targets for cybercriminals. They added that the growing volume of user data and the expanding digital networks further increase the appeal for attackers seeking financial gain or cyber espionage opportunities.
The rise of the RaaS model has also weighed on the growing number of ransomware attacks across Africa. Experts highlighted that African organisations are becoming testing grounds for new ransomware tactics. They also said that cybercriminals are increasingly targeting third-party suppliers to distribute malware through trusted networks, such as malicious software updates.
As Africa continues to digitise at a rapid pace, the attack surface will grow, leaving organisations vulnerable to ransomware attacks. Sectors like telecommunications, energy, and manufacturing remain particularly at risk. Strengthening cybersecurity measures and improving awareness among employees and customers is vital to preventing further incidents in the region.