INTERPOL’s Operation Results in 1,209 Arrests in Cybercrime Crackdown
LYON, France – A coordinated effort by INTERPOL, dubbed Operation Serengeti 2.0, has led to the arrest of 1,209 cybercriminals across Africa who had targeted nearly 88,000 victims. This extensive operation highlights the pervasive nature of cybercrime and emphasizes the necessity for international collaboration in addressing these threats.
The operation, conducted from June to August 2025, successfully recovered USD 97.4 million and dismantled 11,432 malicious infrastructures. Such results underscore the growing global challenge posed by cybercriminal activities, ranging from ransomware attacks to online fraud schemes like business email compromise (BEC). These threats have been identified as significant risks in the recent INTERPOL Africa Cyberthreat Assessment Report.
Many of these cybercrimes involve the initial access tactics outlined in the MITRE ATT&CK framework, with attackers potentially employing techniques such as phishing to gain entry into organizations’ systems. Following initial access, persistence methods could have been utilized to maintain presence within compromised networks, leading to severe consequences for the victims.
This operation involved joint efforts from law enforcement agencies in 18 African nations along with the United Kingdom, underscoring the vital role of cross-border partnerships in combating cyber threats. Further complicating matters for businesses, the vast array of malicious activities included sophisticated online scams that have targeted individuals and organizations alike.
Private sector involvement significantly bolstered the operation, with partners contributing critical intelligence, tactical guidance, and training designed to enhance investigators’ abilities to identify offenders. Prior to the crackdown, actionable intelligence regarding specific threats was disseminated among participating countries, equipping them with vital information about suspicious IP addresses, domains, and command-and-control servers.
The proactive sharing of such intelligence reflects the collaborative spirit necessary to mount an effective response against pervasive criminal techniques, including privilege escalation and lateral movement, which are common in more advanced cyberattacks.
As cyber threats continue to evolve, understanding the tactics and techniques outlined in the MITRE ATT&CK framework becomes increasingly essential for business owners. The framework serves not only as a valuable tool for organizations to fortify defenses but also as a guideline for recognizing and mitigating emerging threats in the ever-changing digital landscape.