Kaspersky recently assisted its partner law enforcement agencies Interpol and Africapol in a joint effort to disrupt cybercrime across the African region.
Dubbed “Serengeti”, the operation has led to the arrest of more than 1 000 individuals suspected of links to cybercrimes such as ransomware operation and business email compromise (BEC) attacks, resulting in nearly $193-million in financial losses worldwide.
As Africa is going through a rapid digitisation, the threat of cybercrime on the continent is also escalating. In South Africa, ransomware has emerged as a prominent attack vector, targeting critical infrastructure, financial institutions, and manufacturing facilities, among others.
During the first 10 months of 2024, there were more than 165 000 ransomware attack detections in Africa and more than 17 000 in South Africa, according to Kaspersky data. Other noticeable cyberthreats targeting users and organisations in the region include spyware and password stealers.
Conducted from 2 September to 31 October, operation Serengeti dismantled 134 089 malicious infrastructures and networks linked to cybercrimes including ransomware operations, BEC attacks, digital extortion and online scams — all identified as prominent threats in Interpol’s 2024 Africa Cyber Threat Assessment Report.
Kaspersky contributed to the operation by sharing information on threat actors, data on ransomware attacks and malware targeting the region, as well as up-to-date indicators of compromise (IoCs) for malicious infrastructure across Africa.
Among the malware targeting African countries was also a well-known Brazilian banking trojan Grandoreiro, along with ransomware families including LockBit, Rhysida, and Medusa.
The operation also resulted in the identification of more than 35 000 victims of cyber offenses investigated.
Valdecy Urquiza, secretary-general of Interpol, comments: “From multi-level marketing scams to credit card fraud on an industrial scale, the increasing volume and sophistication of cybercrime attacks is of serious concern. Operation Serengeti shows what we can achieve by working together, and these arrests alone will save countless potential future victims from real personal and financial pain. We know that this is just the tip of the iceberg, which is why we will continue targeting these criminal groups worldwide.”
Ambassador Jalel Chelba, Afripol’s acting-executive director, says: “Through Serengeti, Afripol has significantly enhanced support for law enforcement in African Union member states. We’ve facilitated key arrests and deepened insights into cybercrime trends. Our focus now includes emerging threats like AI-driven malware and advanced attack techniques.”
Yuliya Shlychkova, vice-president: global public affairs at Kaspersky, adds: “We are proud to contribute to this multi-stakeholder operation orchestrated by Interpol and Afripol. The emerging dynamics of the threat landscape in Africa requires a stronger regional dialogue on mitigating acute cybersecurity risks.
“Kaspersky firmly supports Interpol’s and Afripol’s efforts to prevent and disrupt cybercrime attacks across Africa and shares the holistic approach towards creating a more cyber-resilient environment within the continent.”