As Africa is going through a rapid digitisation, the threat of cybercrime on the continent is also escalating. In the African region in general and West Africa in particular, ransomware emerges as one of the most prominent attack vectors, targeting critical infrastructure, financial institutions, and manufacturing facilities, among others. During the first 10 months of 2024, ransomware detections in West Africa surged by 36% year-on-year, according to Kaspersky data. Other noticeable cyberthreats targeting users and organisations in the region include spyware and password stealers.
Conducted from September 2 to October 31, operation Serengeti dismantled 134,089 malicious infrastructures and networks linked to cybercrimes including ransomware operations, BEC attacks, digital extortion and online scams — all identified as prominent threats in INTERPOL’s 2024 Africa Cyber Threat Assessment Report.
Kaspersky has contributed to the operation by sharing information on threat actors, data on ransomware attacks and malware targeting the region, as well as up-to-date indicators of compromise (IoCs) for malicious infrastructure across Africa. Among the malware targeting African countries was also a well-known Brazilian banking trojan Grandoreiro – Kaspersky recently released new findings on this trojan at its Security Analyst Summit. Additionally, ransomware families detected in attacks on African organisations among others included LockBit, Rhysida, and Medusa.
The operation has also resulted in the identification of more than 35,000 victims of cyber offenses investigated.
Valdecy Urquiza, Secretary General of INTERPOL, said: “From multi-level marketing scams to credit card fraud on an industrial scale, the increasing volume and sophistication of cybercrime attacks is of serious concern. Operation Serengeti shows what we can achieve by working together, and these arrests alone will save countless potential future victims from real personal and financial pain. We know that this is just the tip of the iceberg, which is why we will continue targeting these criminal groups worldwide.”
Ambassador Jalel Chelba, AFRIPOL’s Acting Executive Director said: “Through Serengeti, AFRIPOL has significantly enhanced support for law enforcement in African Union Member States. We’ve facilitated key arrests and deepened insights into cybercrime trends. Our focus now includes emerging threats like AI-driven malware and advanced attack techniques.”
“We are proud to contribute to this multi-stakeholder operation orchestrated by INTERPOL and AFRIPOL,” comments Yuliya Shlychkova, Vice President, Global Public Affairs, Kaspersky. “The emerging dynamics of the threat landscape in Africa requires a stronger regional dialogue on mitigating acute cybersecurity risks. Kaspersky firmly supports INTERPOL’s and AFRIPOL’s efforts to prevent and disrupt cybercrime attacks across Africa and shares the holistic approach towards creating a more cyber-resilient environment within the continent.”
Thanks to the cooperation with INTERPOL and AFRIPOL, Kaspersky has been an active contributor to fostering a more cyber-savvy environment in the African region. In addition to the vast record of joint operations in Africa, with the latest being INTERPOL-led operation Synergia II, Kaspersky has recently sealed a five-year cooperation agreement with AFRIPOL to further strengthen its role in creating a more cybersafe climate on the continent by sharing Kaspersky’s extensive data on local cyberthreats and cybercrime trends with the organisation.