Ransomware Attack on Environmental Investment Fund of Namibia
Ransomware Attack on The Environmental Investment Fund of Namibia
Victim Profile
The Environmental Investment Fund (EIF) of Namibia, established in 2001 by Act 13 of the Parliament of the Republic of Namibia, is a public entity dedicated to supporting sustainable use of natural resources. The Fund focuses on empowering individuals, projects, and communities in Namibia to ensure the long-term conservation and management of the country's natural resources.
Company Standout
The EIF stands out for its commitment to green finance, gender equality, and climate change resilience. It has been instrumental in empowering national entities and demonstrating Africa's ability to take charge of its developmental agenda. The fund is recognized for its direct access modality, preparing aspiring professionals for the real world in various environmental fields.
Attack Details
The EIF of Namibia fell victim to a ransomware attack by the LockBit 3.0 cybercrime group, resulting in the exfiltration of 200 GB of sensitive data, including financial records, human resources information, project details, and invoices. The attackers leaked a sample of the exfiltrated data, highlighting the severity of the breach.
Company Vulnerabilities
The Fund's involvement in sustainable development projects and initiatives, as well as its strategic alliances with other organizations, may have made it a target for threat actors seeking to exploit sensitive data related to natural resource management and green technology. Moreover, the Fund's focus on capacity building and training could have exposed vulnerabilities in its systems, making it susceptible to ransomware attacks.
Ransomware Group Distinction
The LockBit 3.0 ransomware group, an evolution of the LockBit group, distinguishes itself by adopting an affiliate-based ransomware approach and targeting a wide range of businesses and critical infrastructure organizations. LockBit 3.0 is known for its advanced infection capacities, customization options, and the ability to move laterally through a network, making it a formidable threat in the cybersecurity landscape.
LockBit May Attacks
This attack forms part of the May 2024 attacks perpetrated by LockBit 3.0, where the cybercriminal group resurfaced following the disruption of its infrastructure in February during "Operation Cronos." Despite law enforcement efforts, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform. The group's adaptability and global reach underscore the need for enhanced international cooperation to combat cybercrime effectively.
Sources:
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!