Ransomware Attack on Environmental Investment Fund of Namibia
Incident Date:
May 9, 2024
Overview
Title
Ransomware Attack on Environmental Investment Fund of Namibia
Victim
The Environmental Investment Fund of Namibia
Attacker
Lockbit3
Location
First Reported
May 9, 2024
Ransomware Attack on The Environmental Investment Fund of Namibia
Victim Profile
The Environmental Investment Fund (EIF) of Namibia, established in 2001 by Act 13 of the Parliament of the Republic of Namibia, is a public entity dedicated to supporting sustainable use of natural resources. The Fund focuses on empowering individuals, projects, and communities in Namibia to ensure the long-term conservation and management of the country's natural resources.
Company Standout
The EIF stands out for its commitment to green finance, gender equality, and climate change resilience. It has been instrumental in empowering national entities and demonstrating Africa's ability to take charge of its developmental agenda. The fund is recognized for its direct access modality, preparing aspiring professionals for the real world in various environmental fields.
Attack Details
The EIF of Namibia fell victim to a ransomware attack by the LockBit 3.0 cybercrime group, resulting in the exfiltration of 200 GB of sensitive data, including financial records, human resources information, project details, and invoices. The attackers leaked a sample of the exfiltrated data, highlighting the severity of the breach.
Company Vulnerabilities
The Fund's involvement in sustainable development projects and initiatives, as well as its strategic alliances with other organizations, may have made it a target for threat actors seeking to exploit sensitive data related to natural resource management and green technology. Moreover, the Fund's focus on capacity building and training could have exposed vulnerabilities in its systems, making it susceptible to ransomware attacks.
Ransomware Group Distinction
The LockBit 3.0 ransomware group, an evolution of the LockBit group, distinguishes itself by adopting an affiliate-based ransomware approach and targeting a wide range of businesses and critical infrastructure organizations. LockBit 3.0 is known for its advanced infection capacities, customization options, and the ability to move laterally through a network, making it a formidable threat in the cybersecurity landscape.
LockBit May Attacks
This attack forms part of the May 2024 attacks perpetrated by LockBit 3.0, where the cybercriminal group resurfaced following the disruption of its infrastructure in February during "Operation Cronos." Despite law enforcement efforts, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform. The group's adaptability and global reach underscore the need for enhanced international cooperation to combat cybercrime effectively.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.