Kaspersky has recently assisted its partner law enforcement agencies INTERPOL and AFRIPOL in a joint effort to disrupt cybercrime across the African region. Dubbed “Serengeti,” the operation has led to the arrest of more than 1,000 individuals suspected of links to cybercrimes such as ransomware operation and business email compromise (BEC) attacks, resulting in nearly US $193 million in financial losses worldwide.
As Africa is going through a rapid digitization, the
threat of cybercrime on the continent is also escalating. In the African region
in particular, ransomware has emerged
as a prominent attack vector, targeting critical infrastructure, financial
institutions, and manufacturing facilities, among others. During the first
10 months of 2024, there were over 165,000 ransomware attack detections in
Africa, according to Kaspersky data. Other noticeable cyberthreats targeting
users and organizations in the region include spyware and password stealers.
Conducted from September 2 to October 31, operation Serengeti dismantled
134,089 malicious infrastructures and networks linked to cybercrimes including ransomware
operations, BEC attacks, digital extortion and online scams — all identified as
prominent threats in INTERPOL’s 2024 Africa Cyber Threat Assessment Report.
Kaspersky has contributed to the operation by sharing information on threat
actors, data on ransomware attacks and malware
targeting the region, as well as up-to-date indicators of compromise (IoCs) for
malicious infrastructure across Africa. Among the malware targeting African
countries was also a well-known Brazilian banking trojan Grandoreiro –
Kaspersky recently released new findings on this
trojan at its Security Analyst Summit. Additionally, ransomware families
detected in attacks on African organizations among others included LockBit, Rhysida,
and Medusa.
The operation
has also resulted in the identification of more than 35,000 victims of cyber offenses
investigated.Valdecy
Urquiza, Secretary General of INTERPOL, said: “From multi-level marketing scams to credit card fraud on an industrial
scale, the increasing volume and sophistication of cybercrime attacks is of
serious concern. Operation Serengeti shows what we can achieve by working
together, and these arrests alone will save countless potential future victims
from real personal and financial pain. We know that this is just the tip of the
iceberg, which is why we will continue targeting these criminal groups
worldwide.”
Ambassador
Jalel Chelba, AFRIPOL’s Acting Executive Director said:
“Through Serengeti, AFRIPOL has significantly
enhanced support for law enforcement in African Union Member States. We’ve
facilitated key arrests and deepened insights into cybercrime trends. Our focus
now includes emerging threats like AI-driven malware and advanced attack
techniques.”
“We are proud to contribute to this multi-stakeholder operation orchestrated by
INTERPOL and AFRIPOL,” comments Yuliya Shlychkova, Vice President, Global
Public Affairs, Kaspersky. “The emerging dynamics of the threat
landscape in Africa requires a stronger regional dialogue on mitigating acute
cybersecurity risks. Kaspersky firmly supports INTERPOL’s and AFRIPOL’s efforts
to prevent and disrupt cybercrime attacks across Africa, and shares the
holistic approach towards creating a more cyber-resilient environment within
the continent.”
Thanks to the cooperation
with INTERPOL and AFRIPOL, Kaspersky has been an active contributor to fostering
a more cyber-savvy environment in the African region. In addition to the vast
record of joint operations in Africa, with the latest being INTERPOL-led
operation Synergia II, Kaspersky has recently sealed a five-year cooperation agreement with AFRIPOL to further strengthen its role in
creating a more cybersafe climate on the continent by sharing Kaspersky’s extensive
data on local cyberthreats and cybercrime trends with the organization.