[German]Law enforcement officials from 27 INTERPOL countries have been working together as part of the Africa Cyber Surge Operation to combat cybercrime across the continent. The operation was arguably necessary because of the enormous financial losses suffered by companies, businesses and individuals. The investigation was supported by the Alto Networks UNIT 42 cybercrime analysis team, among others.
Advertising
Interpol confirmed the operation in question in this press release. It was a large-scale operation in which law enforcement officials from 27 INTERPOL countries worked together as part of the Africa Cyber Surge Operation to combat cybercrime across the African continent.
Against the backdrop of enormous financial losses suffered by companies, businesses, and individuals, officials worked closely with AFRIPOL to detect, investigate, and disrupt cybercrime through coordinated law enforcement efforts using INTERPOL platforms, tools, and channels during the four-month operation (July to November 2022). Palo Alto Networks' UNIT 42 malware and cybercrime experts contributed to law enforcement success with their own data and intelligence ("intelligence").
Operational Results
The operation was coordinated from an INTERPOL command center in Kigali, Rwanda, and focused on eliminating enabling factors for cybercrime. The results of the operation include:
- 11 people were arrested, including one suspect linked to child abuse, and 10 others suspected of $800,000 worth of fraud affecting victims around the world.
- Authorities in Eritrea shut down a darknet market selling hacking tools and components for cybercrime-as-a-service.
- In Cameroon, several cases of cryptocurrency fraud were solved, including one with an estimated financial loss to the victim of more than 8 million CFA.
- In Tanzania, more than $150,000 in victim funds were recovered from data and copyright breach cases.
- Actions were taken against more than 200,000 malicious cyber infrastructures that facilitate cybercrime across the African region. This included the removal and cleanup of dangerous infrastructures related to botnet activity and the distribution of mass phishing, spam, and online extortion (for example, wedding scams, bank fraud, and data theft) to potential victims.
Participating countries were able to improve their own national cybersecurity by patching network vulnerabilities, cleaning up defaced government websites, and securing vulnerable critical infrastructure, reducing the risk of potentially catastrophic attacks.
Actionable Information
The investigation relied on information provided by INTERPOL private sector partners, including British Telecom, Cyber Defense Institute, Palo Alto Networks' Unit 42, and others.
Advertising
The information also contributed to the development of 28 INTERPOL cyber activity reports that outlined the various threats and types of criminal activity and recommended actions for national authorities.
Participating investigators worked in their home countries with national cyber emergency response teams, Internet service providers, and hosting providers, who were informed of the potential vulnerability of their network infrastructure in their jurisdictions.
This collaboration proved highly successful, with 80 percent of identified ISPs working with law enforcement to mitigate risks, identify vulnerabilities in their infrastructure, and educate customers.
Of the participating countries, 18 have recognized Cyber Emergency Response Teams (CERTs), all of which are actively working with law enforcement and ISPs. Memoranda of understanding have been established between these organizations to formalize future responses.
INTERPOL platforms
An INTERPOL coordination team on the ground in Kigali provided real-time support, while investigators from participating countries used the secure INTERPOL Cybercrime Collaborative Platform for Operations to update each other on progress, share information, and receive support.
The cyber surge operation not only brought many African member countries together for the first time in a unified cybercrime operation, but also helped build trust and establish valuable working relationships among them and with other partners.
Capacity development
The operation was preceded by a two-week training event in Kigali, Rwanda, covering both cybercrime and cryptocurrency investigations. The course, attended by 23 law enforcement agencies from 22 African countries, provided participants with the knowledge and skills needed for the operation and will enable them to be proactive and sustainable in the future.
A debriefing session held in Mauritius in late November allowed member countries to share successes, discuss challenges and identify areas for improvement.
Cyber surge activities have also led to newly introduced legislative protocols and the establishment of a number of cyber crime departments in member countries, which will further help reduce the impact of cyber crime and protect communities in the region.
The operation was preceded by a two-week training event in Kigali, Rwanda, covering both cybercrime and cryptocurrency investigations.
