| Category | Details |
|---|---|
| Threat Actors | Hunters International (Ransomware group, possibly linked to Hive ransomware developers) |
| Campaign Overview | Ransomware attack on Telecom Namibia; leaked over 400,000 files after ransom was declined |
| Target Regions/Victims | Namibia; Telecom Namibia and potentially high-ranking government officials and customers |
| Methodology | - Ransomware attack via Ransomware-as-a-Service model - Data exfiltration and public leaks |
| Product Targeted | Telecom Namibia’s infrastructure and customer databases |
| Malware Reference | Likely derived from Hive ransomware encryptor source code |
| Tools Used | Ransomware-as-a-Service platform, Hive-derived encryptor |
| Vulnerabilities Exploited | Likely weak cybersecurity measures in Telecom Namibia’s systems |
| TTPs | - Data exfiltration - Ransom demand with subsequent public data leaks - Social media dissemination |
| Attribution | Hunters International, emerged in October 2023 |
| Recommendations | - Strengthen cybersecurity and data encryption measures - Educate employees on ransomware mitigation - Implement and enforce a Data Protection Act - Collaboration with law enforcement for ongoing investigation |
| Source | The Record |
Read full article: https://therecord.media/namibia-state-telecom-provider-data-leaked-after-ransom-refusal
The above summary has been generated by an AI language model
Leave a Reply