By exchanging data, including indications of compromise (IoCs) on various cyberthreats and types of cybercriminal behavior targeting African nations, Kaspersky has contributed to INTERPOL’s Africa Cyber Surge Operation (ACSO). The basis for a number of operational and investigative actions against the threat actors responsible for the cybercrimes and their harmful infrastructure was provided by this evidence.
The threat intelligence information was provided to INTERPOL as part of the organization’s long-running Gateway project, which promotes collaboration between law enforcement and business stakeholders to gather threat information from various sources so that law enforcement officials can prevent attacks. 28 cyber activity reports were created using the data that Kaspersky and the other Gateway project participants contributed. They paved the path for the ACSO by highlighting a variety of threats that are directed at the African continent and outlining suggested measures that should be implemented by the national authorities.
The AFRIPOL police organization and the member nations of Africa worked together to implement the ACSO, which was started by INTERPOL’s Cybercrime Directorate and INTERPOL Support Program for the African Union (ISPA). The operation coincided with a training session for cyber investigations that took place in Rwanda from July 18 to August 5, 2022.
By assisting INTERPOL in locating harmful infrastructure that was being hosted in African nations in preparation for future takedown operations by the accountable parties, Kaspersky assisted the agency’s work. Kaspersky’s Threat Research, Security Services, and Global Research and Analysis Team (GReAT) analysts assisted in gathering the data that the business supplied. The list of scam and phishing websites, Ransomware C&C servers, IP addresses connected to the harmful infrastructure on the African continent, IoCs on phishing, malware, and botnet activities, and IP addresses from which phishing and spam emails were sent out were also included.
Unsophisticated cybercriminals were discovered by the ASCO course as well as infrastructure that had been compromised. Cyberattack facilitators, such as servers that host or distribute malware, phishing websites, and compromised IP addresses, were removed and disinfected as a result.
“The Africa Cyber Surge Operation, which was started in July 2022, has brought together law enforcement officers from 27 nations. They have been collaborating for almost four months on actionable intelligence provided by INTERPOL commercial partners. This information centered on possibilities for using coordinated LE efforts with INTERPOL platforms, tools, and channels to stop, detect, investigate, and disrupt cybercrime. According to Craig Jones, Director of the Cybercrime Directorate, “This operation focused on both cybercriminals and compromised network infrastructure in Africa, allowing member countries to identify more than 1,000 malicious IP addresses, Dark Web Markets, and individual threat actors, improving cooperation between INTERPOL, AFRIPOL, and the member countries, and contributing to connecting policing for a safer world.
“Kaspersky has long viewed international collaboration as a crucial component of the effective battle against borderless cybercrime and has been working closely with its partners, including INTERPOL, to disrupt threat actors’ nefarious activities all over the world. We are pleased to be a part of INTERPOL’s ACSO and, along with other participants, assist African nations in combating the threat of cybercrime. The operation’s success highlights the importance of teamwork in preventing cybercrimes and enhancing cybersecurity, according to Genie Gan, director of public affairs and government relations for Asia Pacific & Middle East, Turkey, and Africa.
Kaspersky and INTERPOL signed a five-year collaboration agreement in 2019, as part of which the business agreed to offer the law enforcement organization training, support with human resources, and threat intelligence on the most recent cybercriminal operations. Since the agreement was struck, the two sides have worked together in the cybersecurity business to further their cooperation by collaboratively fighting cybercrime and increasing public awareness of serious cyberthreats.