Kaspersky Lab (www.Kaspersky.co.za) has contributed to INTERPOL’s African Cyber Surge Operation (ACSO) by sharing data, which includes information on various cyber threats and types of cybercrime activity targeting African countries. Indicators of Compromise (IoC). This evidence has informed a series of operational and investigative campaigns targeting the threat actors behind cybercrime and their malicious infrastructure.
Threat intelligence data has been shared with Interpol as part of the agency’s long-term Gateway project, which encourages collaboration between law enforcement and private industry players to accumulate threat data from multiple sources, enabling police authorities to prevent attacks . Based on information shared by Kaspersky and other Gateway project partners, 28 cyber activity reports were drawn up. They highlighted a range of threats against the continent and outlined recommended actions for national authorities, paving the way for ACSO.
ACSO was initiated by INTERPOL’s Cybercrime Directorate and the INTERPOL African Union Support Program (ISPA), in cooperation with AFRIPOL police agencies and African member states. This operation is in conjunction with a cyber investigation training event in Rwanda from 18 July to 5 August 2022.
Kaspersky supports the operations of Interpol, helping the agency identify malicious infrastructure hosted in African countries with a view to future action by the responsible agency. The information shared by the company was gathered with the help of Kaspersky Threat Research, Security Services and Global Research and Analysis Team (GReAT) analysts. it includes:
IoCs on phishing, malware and botnet activity
IP address of the ransomware C&C server
IP addresses linked to malicious infrastructure on the African continent
IP addresses sending phishing and spam
List of Scam and Phishing Sites
ASCO courses identify simple cybercriminals and the infrastructure compromised as part of their criminal activities. As a result, cyber-attack enablers including malware hosting or distribution servers, phishing sites, and compromised IP addresses were removed and cleaned.
“Operation Africa Cyber Surge, launched in July 2022, brought together law enforcement officials from 27 countries for nearly four months to work together on actionable intelligence provided by INTERPOL’s private partners. The intelligence Focuses on prevention, detection, investigation and problem-solving opportunities. Disrupt cybercrime by coordinating LE activities utilizing INTERPOL platforms, tools and channels. This operation focuses on cybercriminals and compromised cyber infrastructure in Africa, enabling Member states were able to identify more than 1,000 malicious IP addresses, darknet markets and individual threat actors, strengthening cooperation between INTERPOL, AFRIPOL and member states, and contributing to a safer world,” said Cybercrime Director Craig Jones said.
“Kaspersky has always viewed international cooperation as a key element in the effective fight against borderless cybercrime and has been working closely with partners, including INTERPOL, to disrupt the malicious activities of global threat actors. We are delighted to be part of the international A member of Interpol ACSO, along with other players, helping African countries address cybercrime threats. The successful operation strengthens the role of cooperation in combating cybercrime and achieving greater cybersecurity,” Asia-Pacific and Middle East Public Affairs and Government Genie Gan, head of relations, commented on Kaspersky’s East, Turkey and Africa.
In 2019, Kaspersky signed a five-year partnership with Interpol, under which the company pledged to provide law enforcement with human resources support, training and threat intelligence data on the latest cybercrime activity. Since the document was signed, both parties have furthered their cooperation by working together to prevent cybercrime (http://bit.ly/3Vl17L1) and raise awareness of serious cyber threats (http://bit.ly/3Fbfwns). Cybersecurity industry.
(Input from APO)