INTERPOL’s Africa Cyber Surge Operation (ACSO) gets boost from Kaspersky

By exchanging data, including indications of compromise (IoCs) on various cyberthreats and types of cybercriminal behavior targeting African nations, Kaspersky has contributed to INTERPOL’s Africa Cyber Surge Operation (ACSO). The basis for a number of operational and investigative actions against the threat actors responsible for the cybercrimes and their harmful infrastructure was provided by this evidence.

The threat intelligence information was provided to INTERPOL as part of the organization’s long-running Gateway project, which promotes collaboration between law enforcement and business stakeholders to gather threat information from various sources so that law enforcement officials can prevent attacks. 28 cyber activity reports were created using the data that Kaspersky and the other Gateway project participants contributed.

They paved the path for the ACSO by highlighting a variety of threats that are directed at the African continent and outlining suggested measures that should be implemented by the national authorities.

The AFRIPOL police organization and the member nations of Africa worked together to implement the ACSO, which was started by INTERPOL’s Cybercrime Directorate and INTERPOL Support Program for the African Union (ISPA). The operation coincided with a training session for cyber investigations that took place in Rwanda from July 18 to August 5, 2022.

By assisting INTERPOL in locating harmful infrastructure that was being hosted in African nations in preparation for future takedown operations by the accountable parties, Kaspersky assisted the agency’s work. Kaspersky’s Threat Research, Security Services, and Global Research and Analysis Team (GReAT) analysts assisted in gathering the data that the business supplied. The list of scam and phishing websites, Ransomware C&C servers, IP addresses connected to the harmful infrastructure on the African continent, IoCs on phishing, malware, and botnet activities, and IP addresses from which phishing and spam emails were sent out were also included.

Unsophisticated cybercriminals were discovered by the ASCO course as well as infrastructure that had been compromised. Cyberattack facilitators, such as servers that host or distribute malware, phishing websites, and compromised IP addresses, were removed and disinfected as a result.

“The Africa Cyber Surge Operation, launched in July 2022, has brought together law enforcement officials from 27 countries, working together for almost 4-months on actionable intelligence provided by INTERPOL private partners. This intelligence focused on opportunities to prevent, detect, investigate and disrupt cybercrime through coordinated LE activities utilising INTERPOL platforms, tools, and channels. This operation focused both on cyber criminals and compromised network infrastructure in Africa, allowing member countries to identify more than 1,000 malicious IP addresses, Dark Web Markets, and individual threat actors, enhancing cooperation between INTERPOL, AFRIPOL and the member countries, and contributing to connecting policing for a safer world,” said Craig Jones, Director Cybercrime Directorate. 

“Kaspersky has always seen international cooperation as a key element of the effective fight against borderless cybercrime and has been working closely with its partners, including INTERPOL, to disrupt malicious activities of threat actors worldwide. We are happy to be a part of INTERPOL’s ACSO and, together with other participants, help African countries tackle the cybercrime threat. The successful operation boosts the role of collaborative efforts in combating cyber offences and achieving greater cybersecurity,” added Genie Gan, head of Public Affairs and Government Relations for Asia Pacific & Middle East, Turkey and Africa. 

Kaspersky and INTERPOL signed a five-year collaboration agreement in 2019, as part of which the business agreed to offer the law enforcement organization training, support with human resources, and threat intelligence on the most recent cybercriminal operations. Since the agreement was struck, the two sides have worked together in the cybersecurity business to further their cooperation by collaboratively fighting cybercrime and increasing public awareness of serious cyberthreats.