A global cybersecurity incident known as FortiBleed may have exposed administrator credentials and firewall configuration data at 13 Namibian organisations.
The Namibia Cyber Security Incident Response Team on Saturday said it had been made aware of the international cybersecurity threat and identified the Namibian organisations that could be exposed.
“While there is currently no evidence of widespread compromise among affected Namibian organisations, this incident highlights the importance of proactive cybersecurity measures,” Communications Regulatory Authority of Namibia (Cran) spokesperson Mufaro Nesongano says.
FortiBleed affects systems that use Fortinet infrastructure. Exposed administrator credentials could allow cybercriminals access to company networks and impersonate legitimate users, Nesongano says.
“In simple terms, Fortinet firewalls act as the digital front gate to an organisation’s network.
“If the keys to that gate, such as administrator usernames, passwords or VPN credentials, become exposed, malicious actors may be able to enter the network as though they were authorised users and carry out harmful activities without immediately raising suspicion,” Nesongano says.
The potentially affected organisations were told to reset administrator and VPN credentials, add multifactor authentication and upgrade Fortinet devices.
Cran recommends that they review their firewall configurations for unauthorised changes and conduct reviews to identify any compromises to their systems.
“We commend the organisations that have acted swiftly to implement the recommended remediation steps and encourage all entities using internet-facing infrastructure to regularly review their security posture,” Nesongano says.
FortiBleed is linked to a Russian-speaking cybercriminal group that has stolen credentials from 74 000 VPN and firewall configurations globally, according to cybersecurity company Field Effect.
