Kaspersky has recently assisted its partner law enforcement agencies INTERPOL and AFRIPOL in a joint effort to disrupt cybercrime across the African region. Dubbed “Serengeti,” the operation has led to the arrest of more than 1,000 individuals suspected of links to cybercrimes such as ransomware operation and business email compromise (BEC) attacks, resulting in nearly US $193 million in financial losses worldwide.
As Africa is going through a rapid digitisation, the threat of cybercrime on the continent is also escalating. In South Africa, ransomware has emerged as a prominent attack vector, targeting critical infrastructure, financial institutions, and manufacturing facilities, among others. During the first 10 months of 2024, there were over 165,000 ransomware attack detections in Africa and over 17,000 in South Africa, according to Kaspersky data. Other noticeable cyberthreats targeting users and organisations in the region include spyware and password stealers.
Conducted
from September 2 to October 31, operation Serengeti dismantled 134,089
malicious infrastructures and networks linked to cybercrimes including
ransomware operations, BEC attacks, digital extortion and online scams — all
identified as prominent threats in INTERPOL’s 2024
Africa Cyber Threat Assessment Report.
Kaspersky has contributed to the operation by sharing information on threat
actors, data
on ransomware attacks and
malware targeting the region, as well as up-to-date indicators of compromise
(IoCs) for malicious infrastructure across Africa. Among the malware targeting
African countries was also a well-known Brazilian banking trojan Grandoreiro –
Kaspersky recently released new findings on this trojan at its
Security Analyst Summit. Additionally, ransomware families detected in attacks
on African organisations among others included LockBit, Rhysida, and Medusa.
The operation has also resulted in the identification of more than 35,000 victims
of cyber offenses investigated.
Valdecy Urquiza, Secretary General of INTERPOL, said: “From multi-level marketing scams to credit card fraud on an industrial scale, the increasing volume and sophistication of cybercrime attacks is of serious concern. Operation Serengeti shows what we can achieve by working together, and these arrests alone will save countless potential future victims from real personal and financial pain. We know that this is just the tip of the iceberg, which is why we will continue targeting these criminal groups worldwide.”
Ambassador Jalel Chelba, AFRIPOL’s Acting Executive Director said: “Through Serengeti, AFRIPOL has significantly enhanced support for law enforcement in African Union Member States. We’ve facilitated key arrests and deepened insights into cybercrime trends. Our focus now includes emerging threats like AI-driven malware and advanced attack techniques.”
“We are proud to contribute to this multi-stakeholder operation orchestrated by INTERPOL and AFRIPOL,” comments Yuliya Shlychkova, Vice President, Global Public Affairs, Kaspersky. “The emerging dynamics of the threat landscape in Africa requires a stronger regional dialogue on mitigating acute cybersecurity risks. Kaspersky firmly supports INTERPOL’s and AFRIPOL’s efforts to prevent and disrupt cybercrime attacks across Africa and shares the holistic approach towards creating a more cyber-resilient environment within the continent.”
Thanks to the cooperation with INTERPOL and AFRIPOL, Kaspersky has been an active contributor to fostering a more cyber-savvy environment in the African region. In addition to the vast record of joint operations in Africa, with the latest being INTERPOL-led operation Synergia II, Kaspersky has recently sealed a five-year cooperation agreement with AFRIPOL to further strengthen its role in creating a more cybersafe climate on the continent by sharing Kaspersky’s extensive data on local cyberthreats and cybercrime trends with the organisation.
