NACL A.I CyberSecurity Scoring
NACL
Company Information
Website:https://www.airports.com.na
Employees number:31
Number of followers:1,875
NAICS:481
Industry Type:Airlines and Aviation
Homepage:airports.com.na
NACL Risk Score (AI oriented)
Between 0 and 549
NACLAirlines and Aviation
Updated:
28/03/2026
28/03/2026
468/1000
Critical
C
NACL Global Score (TPRM)
xxxx
NACLAirlines and Aviation
Score locked

NACLCritical
Current Score
468C (CRITICAL)
01000
2 incidents
-142 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
495
JUNE 2026
491
MAY 2026
478
APRIL 2026
477
MARCH 2026
639
Ransomware
20 Mar 2026 • NACL
Namibia Airports Company, Paratus, Namibia Students Financial Assistance Fund and Telecom Namibia: Hackers who hit Otjiwarongo municipality now after NAC – Windhoek Observer
Namibia Airports Company Hit by INC Ransomware Group
467
CRITICAL-172
NAMTELPAR1773995423
Namibia Airports Company Hit by INC Ransomware Group, 500GB of Data at Risk
The Namibia Airports Company (NAC) has fallen victim to a cyberattack by the INC Ransomware Group, which claims to have stolen 500GB of sensitive data, including financial records, human resources information, and customer details. The breach was first detected on Thursday night, following unauthorized activity within NAC’s network systems, as confirmed by the Communications Regulatory Authority of Namibia (CRAN).
The INC Ransomware Group, a known cybercriminal organization with a history of targeting both public and private sectors globally, announced the attack on 19 March 2026, threatening to release the stolen data once a countdown timer expires a tactic designed to pressure the company into meeting their demands. This marks the second attack by the group in Namibia, following a previous breach of the Otjiwarongo Municipality in 2025.
The Namibia Cyber Security Incident Response Team (Nam-CSIRT) had earlier revealed the NAC breach on Monday, after detecting disruptions in the company’s systems. The INC group employs a double-extortion method, stealing data while also encrypting systems to force compliance. Authorities are actively monitoring the situation, though NAC has yet to issue an official statement.
The incident comes amid a surge in cyber threats in Namibia, with Nam-CSIRT reporting over 535,000 vulnerabilities and 195,661 cyber events between October and December 2025. Other active ransomware groups, including Genesis and Benzona, have also been targeting organizations, with Benzona demanding payment within 72 hours of locking systems.
Recent months have seen a sharp rise in cyberattacks across Namibia, with 1.1 million threats and nearly one million vulnerabilities recorded in the first half of 2025. High-profile victims include Telecom Namibia (December 2024) and Paratus (2025), while the Namibia Students Financial Assistance Fund (NSFAF) suffered a data breach in October 2025, exposing the personal information of 7,000 students. The government is currently drafting a data protection bill to strengthen cybersecurity measures and safeguard digital systems.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
MARCH 2026
750
Ransomware
06 Mar 2026 • NACL
Namibia Airports Company, Namibia Wildlife Resorts, Telecom Namibia and Paratus Group: Cybercriminal group says it hacked Namibia’s biggest airport operator
Inc Ransomware Group Claims Attack on Namibia Airports Company
638
CRITICAL-112
PARNAMTEL1773945547
Inc Ransomware Group Claims Attack on Namibia Airports Company in March 2026
The ransomware group Inc has taken responsibility for a cyberattack on Namibia Airports Company (NAC), the state-owned operator of eight major airports in Namibia, which occurred on March 6, 2026. According to Inc’s data leak site, the group exfiltrated nearly 500 GB of data during the breach. However, NAC has not confirmed Inc’s claims, and the nature of the compromised data remains unverified.
In a March 16, 2026 statement, NAC acknowledged the incident, describing it as an unauthorized access to network infrastructure and administrative accounts. The company reported that services were restored with limited operational disruption and stated that no evidence of data exfiltration had been found at the time, though investigations are ongoing.
### About Inc
First detected in July 2023, Inc is a ransomware group known for targeting healthcare, education, and government sectors, including 24 confirmed attacks on government entities, four of which were airports. The group employs spear phishing and software vulnerabilities to deploy malware that both steals data and encrypts systems, demanding ransom payments for decryption.
Inc has claimed 694 ransomware attacks in total, with 173 confirmed by victims. In 2026 alone, the group has taken credit for 114 attacks, 10 of which were verified. This marks Inc’s fifth attack on an aviation company, following previous breaches at Oceanair (USA), Air Europa (Spain), South African Airways, and Air Côte d’Ivoire.
### Broader Impact on Transportation Sector
The NAC attack is part of a growing trend of ransomware targeting transportation infrastructure. In 2026, at least 22 confirmed ransomware attacks have hit government entities worldwide, along with four on private transport companies. Recent incidents include:
- Nagoya Port Authority (Japan, January 2026) – Claimed by LockBit
- Tulsa International Airport (USA, January 2026) – Claimed by Qilin
Such attacks can disrupt operations, delay services, compromise booking systems, and expose travelers to fraud risks, often forcing organizations to choose between paying ransoms or facing prolonged downtime and data loss.
### Ransomware in Namibia
Namibia has seen five confirmed ransomware attacks in recent years, including:
- Otjiwarongo Municipality (July 2025) – Claimed by Inc
- Namibia Wildlife Resorts (February 2021)
- Telecom Namibia (November 2024) – Claimed by Hunters International
- Paratus Group (February 2025) – Claimed by Akira
NAC, overseen by the Ministry of Public Works and Transport, manages key airports in Namibia, including Hosea Kutako International Airport (Windhoek) and Walvis Bay International Airport. The full scope of the March 2026 breach remains under investigation.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
FEBRUARY 2026
750
JANUARY 2026
750
DECEMBER 2025
750
NOVEMBER 2025
750
OCTOBER 2025
750
SEPTEMBER 2025
750
AUGUST 2025
750
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for NACL ??
What was NACL's A.I Rankiteo Cyber Score in June 2026 ??
What was NACL's A.I Rankiteo Cyber Score in May 2026 ??
What was NACL's A.I Rankiteo Cyber Score in April 2026 ??
What was NACL's A.I Rankiteo Cyber Score in March 2026 ??
What was NACL's A.I Rankiteo Cyber Score in February 2026 ??
What was NACL's A.I Rankiteo Cyber Score in January 2026 ??
What was NACL's A.I Rankiteo Cyber Score in December 2025 ??
What was NACL's A.I Rankiteo Cyber Score in November 2025 ??
What was NACL's A.I Rankiteo Cyber Score in October 2025 ??
What was NACL's A.I Rankiteo Cyber Score in September 2025 ??
What was NACL's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on NACL's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with NACL ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view NACL's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?