Connect with us

Cyber Security

Group-IB Helps INTERPOL-led Africa Cyber Surge II Operation Leading to Arrests of 14 Suspects

Published

on

Group-IB has made a key contribution to the INTERPOL-led Africa Cyber Surge II operation, a major joint initiative between international and national law enforcement agencies and private sector cybersecurity companies to prevent, mitigate, and disrupt threat actors on the African continent. The Africa Cyber Surge II operation, which spanned 25 African countries, resulted in the arrests of 14 suspected cybercriminals and the identification of more than 20,000 suspicious cyber networks linked to financial losses in excess of $40 million.

The Africa Cyber Surge II operation was launched in April 2023 and was carried out with funding by the UK Foreign Commonwealth and Development Office, the German Federal Foreign Office and the Council of Europe. This multinational, streamlined crime-fighting initiative brought together INTERPOL, AFRIPOL, Group-IB, and Uppsala Security to provide on-the-ground operational support and share actionable intelligence on cyber extortion, phishing, business email compromise, and online scams.

This intelligence was subsequently shared with national law enforcement agencies on the African continent, leading to the arrest of 14 suspects in countries such as Cameroon, Nigeria, and Mauritius, and the takedown of hundreds of malicious IP addresses and malware hosters. Additionally, the educational track of this operation saw parties share best practices on how to combat the surge in digital insecurity and growing cyber threats in the region.

Group-IB, a long-standing private sector partner of INTERPOL, collected and shared at the request of INTERPOL more than 1,000 indicators drawn from the company’s sector-leading Threat Intelligence related to malicious infrastructure across Africa. The data contained domains, URLs, and server IP addresses used in phishing and malware attacks. INTERPOL member countries in Africa leveraged this information in several takedown operations.

Africa Cyber Surge II also had knowledge sharing at its core. During operational activities held in Tanzania In June, Group-IB’s Deputy Head of APAC High-Tech Crime Investigation Department, Kristina Ivanova, shared expertise on techniques to tackle business email compromise scams, phishing and online fraud, and also contributed to a panel discussion on the importance of public-private sector partnerships in tackling cybercrime. Group-IB experts also assisted national law enforcement agencies on the African continent via a series of practical workshops dedicated to the analysis of real cybercrime cases.

“Group-IB is proud of its contribution to fighting against cybercrime in Africa, and we do this in order to protect organizations and citizens across the whole globe against cybercrime through our intelligence-driven technology and agile expertise,” Dmitry Volkov, CEO at Group-IB, said. “The Africa Cyber Surge II is yet another milestone with regard to cooperation between international law enforcement, national agencies, and private sector cybersecurity companies. Collaboration and intelligence sharing should be at the heart of cybersecurity operations, and Group-IB stands ready to make a further contribution to this end, in line with our core strategic mission of fighting against cybercrime in all its forms.”

“The Africa Cyber Surge II operation has led to the strengthening of cybercrime departments in member countries as well as the solidification of partnerships with crucial stakeholders, such as computer emergency response teams and Internet service providers. This will further contribute to reducing the global impact of cybercrime and protecting communities in the region,” said Jürgen Stock, INTERPOL Secretary General.

“As digital systems, Information Communication Technologies and Artificial Intelligence grow in prominence, it is urgent that public and private actors work hand in hand to prevent these technologies from being exploited by cybercriminals. Coordinated operations such as Cyber Surge are necessary to disrupt criminal networks and build individual, organizational and society-wide levels of protection,” said AFRIPOL’s Acting Executive Director, Ambassador Jalel Chelba.

This most recent initiative follows in the wake of the highly successful Africa Cyber Surge operation, launched in July 2022, which was aimed at identifying cybercriminals and compromised infrastructure in Africa. During this four-month operation, Group-IB provided key cyber threat intelligence that aided cooperation between INTERPOL’s Cybercrime Directorate, ISPA, AFRIPOL, and INTERPOL’s African member states. Some of the operation’s highlights included the arrest of 10 suspects linked to fraud and scams amounting to $800,000 in financial damages and the takedown of more than 200,000 pieces of malicious infrastructure.

Group-IB, which has a zero-tolerance policy to cybercrime, has been an official private sector partner of INTERPOL since 2017, and the company has participated in multiple crime-fighting initiatives on the African continent, including Falcon I and II, Delilah, and Lyrebird. In July 2023, Group-IB played a key role in the INTERPOL-led Operation Nervone, an initiative aimed at disrupting the activities of the notorious cybercriminal group dubbed OPERA1ER by Group-IB (also known as NXSMS, DESKTOP-Group, and Common Raven).

This joint operation was launched under the guises of the African Joint Operation against Cybercrime (AFJOC) and the INTERPOL Support Programme for the African Union (ISPA), in conjunction with AFRIPOL, the Direction de L’information et des Traces Technologiques (DITT), Group-IB and the Orange CERT Coordination Center (Orange-CERT-CC) led to the arrest of a suspected leader of the cybercrime syndicate in Côte d’Ivoire.

Cyber Security

Axis Communications Sheds Light on Video Surveillance Industry Perspectives on AI

Published

on

Axis Communications has published a new report that explores the state of AI in the global video surveillance industry. Titled The State of AI in Video Surveillance, the report examines the key opportunities, challenges and future trends, as well as the responsible practices that are becoming critical for organisations in their use of AI. The report draws insights from qualitative research as well as quantitative data sources, including in-depth interviews with carefully selected experts from the Axis global partner network.

A leading insight featured in the report is the unanimous view among interviewees that interest in the technology has surged over the past few years, with more and more business customers becoming curious and increasingly knowledgeable about its potential applications.

Mats Thulin, Director AI & Analytics Solutions at Axis Communications

“AI is a technology that has the potential to touch every corner and every function of the modern enterprise. That said, any implementations or integrations that aim to drive value come with serious financial and ethical considerations. These considerations should prompt organisations to scrutinise any initiative or investment. Axis’s new report not only shows how AI is transforming the video surveillance landscape, but also how that transformation should ideally be approached,” said Mats Thulin, Director AI & Analytics Solutions at Axis Communications.

According to the Axis report, the move by businesses from on-premise security server systems to hybrid cloud architectures continues at pace, driven by the need for faster processing, improved bandwidth usage and greater scalability. At the same time, cloud-based technology is being combined with edge AI solutions, which play a crucial role by enabling faster, local analytics with minimal latency, a prerequisite for real-time responsiveness in security-related situations.

By moving AI processing closer to the source using edge devices such as cameras, businesses can reduce bandwidth consumption and better support real-time applications like security monitoring. As a result, the hybrid approach is expected to continue to shape the role of AI in security and unlock new business intelligence and operational efficiencies.

A trend that is emerging among businesses is the integration of diverse data for a more comprehensive analysis, transforming safety and security. Experts predict that by integrating additional sensory data, such as audio and contextual environmental factors caught on camera, can lead to enhanced situational awareness and greater actionable insights, offering a more comprehensive understanding of events.

Combining multiple data streams can ultimately lead to improved detection and prediction of potential threats or incidents. For example, in emergency scenarios, pairing visual data with audio analysis can enable security teams to respond more quickly and precisely. This context-aware approach can potentially elevate safety, security and operational efficiency, and reflects how system operators can leverage and process multiple data inputs to make better-informed decisions.

According to the Axis report, interviewees emphasised that responsible AI and ethical considerations are critical priorities in the development and deployment of new systems, raising concerns about decisions potentially based on biased or unreliable AI. Other risks highlighted include those related to privacy violations and how facial and behavioural recognition could have ethical and legal repercussions.

As a result, a recurring theme among interviewees was the importance of embedding responsible AI practices early in the development process. Interviewees also pointed to regulatory frameworks, such as the EU AI Act, as pivotal in shaping responsible use of technology, particularly in high-risk areas. While regulation was broadly acknowledged as necessary to build trust and accountability, several interviewees also stressed the need for balance to safeguard innovation and address privacy and data security concerns.

“The findings of this report reflect how enterprises are viewing the trend of AI holistically, working to have a firm grasp of both how to use the technology effectively and understand the macro implications of its usage. Conversations surrounding privacy and responsibility will continue but so will the pace of innovation and the adoption of technologies that advance the video surveillance industry and lead to new and exciting possibilities,” Thulin added.

Continue Reading

Artificial Intelligence

CyberKnight Partners with Ridge Security for AI-Powered Security Validation

Published

on

The automated penetration testing market was valued at roughly $3.1 billion in 2023 and is projected to grow rapidly, with forecasts estimating a compound annual growth rate (CAGR) between 21% and 25%. By 2030, the sector is expected to reach approximately $9 to $10 billion. The broader penetration testing industry is also expanding, with projections indicating it will surpass $5.3 billion by 2027, according to MarketandMarket.

To support enterprises and government entities across the Middle East, Turkey and Africa (META) with identifying and validating vulnerabilities and reducing security gaps in real-time, CyberKnight has partnered with Ridge Security, the World’s First Al-powered Offensive Security Validation Platform. Ridge Security’s products incorporate advanced artificial intelligence to deliver security validation through automated penetration testing and breach and attack simulations.

RidgeBot uses advanced AI to autonomously perform multi-vector iterative attacks, conduct continuous penetration testing, and validate vulnerabilities with zero false positives. RidgeBot has been deployed by customers worldwide as a key element of their journey to evolve from traditional vulnerability management to Continuous Threat Exposure Management (CTEM).

“Ridge Security’s core strength lies in delivering holistic, AI-driven security validation that enables organizations to proactively manage risk and improve operational performance,” said Hom Bahmanyar, Chief Enablement Officer at Ridge Security. “We are delighted to partner with CyberKnight to leverage their network of strategic partners, deep-rooted customer relations, and security expertise to accelerate our expansion plans in the region.”

“Our partnership with Ridge Security is a timely and strategic step, as 69% of organizations are now adopting AI-driven security for threat detection and prevention,” added Wael Jaber, Chief Strategy Officer at CyberKnight. “By joining forces, we enhance our ability to deliver automated, intelligent security validation solutions, reaffirming our commitment to empowering customers with resilient, future-ready cybersecurity across the region.”

Continue Reading

Cyber Security

GISEC 2025 Launches OT Security Conference Amid 49% Infrastructure Attack Surge

Published

on

As operational technology (OT) cyberattacks skyrocketed 49% in 2024 – targeting power grids, oil & gas facilities, factories and transport systems – GISEC Global 2025 is responding with the launch of its pivotal new OT Security track at the Middle East and Africa’s largest cybersecurity event, currently taking place until 8th May at the Dubai World Trade Centre.

The OT-focused conference at GISEC Global tackled evolving risks, system vulnerabilities and strategies for securing critical infrastructure. Other important considerations included AI in ICS/OT Security, Quantum Computing Threat, Protecting ICS and SCADA Systems & Digital Supply Chains in the presence of top CISOs, CIOs, OT security heads and policy-makers to fortify SCADA, ICS and digital supply chains.

The global OT security market is projected to double to $44.9 billion by 2029 (as per Markets and Markets). According to research by IBM, the average cost of cyberattacks on organisations in the Middle East is $8.75 million, nearly double the global average. OT security encompasses advanced cybersecurity protocols designed to ensure the integrity, availability and safety of industrial control systems. As critical infrastructure faces escalating cyber threats, robust OT security is essential for maintaining continuity across the oil & gas, manufacturing, energy, transport and utility sectors.

In late 2024, ransomware groups accelerated attacks on industrial sectors, with manufacturing, transportation and ICS operations prime targets. Only aggressive defence, intelligence sharing and cross-sector collaboration will safeguard critical infrastructure into 2025 and beyond. The audience heard from experts on the need for modern OT protection which delved into precision AI, leveraging machine learning, deep learning and large language models.

Discussing cybersecurity threats in the maritime industry, where ships can hold up to 10,000 passengers, are driven autonomously and each country has their own set of AI regulations, Simone Fortin, Global CISO Cruise Division at MSC Cruise Division, called for streamlined regulations that can be applied to all countries around the world.

He said, “For an industry like maritime, which is regulated by the UN, it is hard to interpret how to prevent AI threats for something critical like managing a ship. The UN gives the policy a broader scale, but then everything is regulated by bilateral agreements between the states and the regulators, and implemented by companies; but then, everything is defined by the fact that you could be in international waters. And ships can be owned by one entity, managed by another while sailing under a separate flag.”

Bridging the gap between AI-powered cyber defence and critical infrastructure resilience, the OT Security Track also put the spotlight the escalating IoT/IIoT threats in the oil & gas sector, featuring frontline insights from global CISOs defending the world’s most targeted industries.

Amal Krishna, Executive Director & CISO, ONGC, said, “To combat the surge in OT cyberattacks, businesses must prioritise asset visibility, network segmentation and secure remote access – but equally critical is breaking down silos between IT, OT and engineering teams. Cyber resilience in critical infrastructure isn’t just about technology, it’s about collaboration, continuous monitoring and a security-first culture.”

Albert Vartic, Upstream OT Cybersecurity Officer, OMV Petrom, added, “Over the next five years, OT cybersecurity in the Middle East’s critical infrastructure will see significant evolution. The region’s rapid digitalisation has expanded the attack surface, making industrial systems more vulnerable – proactive measures like IEC 62443 adoption and cross-team collaboration will be essential to safeguard operational resilience.”

Exhibitors Ayman Al Issa (CPX) and Mohammed Mousa (CyberKnight) dissected the 49% surge in OT attacks, offering actionable defences for the energy, healthcare and manufacturing sectors. Mousa, OT/xIoT Consultant at CyberKnight, warns that legacy OT systems weren’t built for today’s threats.

He explained, “The escalation in intrusions is a consequence of accelerated digital transformation in industrial sectors. As organisations integrate IT and OT environments to improve efficiency and support the business, they inadvertently expand the threat surface. Furthermore, legacy systems remain in operation far beyond their intended lifespan and often lack native security controls. Meanwhile, increased reliance on remote access, third-party integrations, and limited OT-specific cybersecurity governance heightens exposure. Simply put, organisations are moving faster than their security strategies are evolving.”

For businesses and governments to stay ahead of cyber criminals, Al Issa, Director – OT Cybersecurity at CPX, emphasised the importance of undertaking risk and threat assessments to understand what assets are at risk and how potential attackers might target them, sooner rather than later. He said, “In today’s fast-shifting business landscape, organisations need to focus on identifying their most critical assets – those that are at the highest risk and that they care about the most, rather than trying to protect everything or plan for recovery across the entire business. As such, organisations should conduct in-depth threat and risk assessments specifically considering the unique characteristics of industrial control systems (ICS), including their physical consequences. This involves mapping out interdependence, potential attack vectors and consequences of downtime. Using threat intelligence and aligning with frameworks like CIS ICS Controls can help organisations monitor suspicious activity, manage vulnerabilities and create tailored incident response plans. Once this is clear, more targeted and practical defence measures can be put in place and continuously tested, using threat intelligence to stay ahead of evolving threats. Risk assessments should be continuous, evolving with technological changes and emerging threats and should be validated through regular penetration testing.”

Amr Elsayed, Regional OT/ICS Cybersecurity Specialist at CyberKnight, agrees, saying technology, collaboration and workforce training should be key priorities for businesses. He said, “To enhance OT security resilience against rising cyber threats, businesses should adopt a Zero Trust approach, enforcing least-privilege access and micro-segmentation to limit breach impact. Advanced real-time monitoring and threat intelligence sharing (ISACs, public-private partnerships) are critical for proactive defences. Additionally, maintaining accurate OT asset inventories, conducting OT-specific incident response drills and implementing risk-based vulnerability management (compensating controls, tailored patching) will strengthen security postures. Finally, OT-focused employee training ensures a security-aware workforce. By prioritising these measures – spanning technology, collaboration and workforce readiness – organisations can safeguard critical infrastructure, mitigate disruptions and build long-term cyber resilience in OT environments.”

With Middle East nations rapidly adopting digitisation into their day-to-day practices, the region is becoming a target for cyberattacks. However, the experts expect a number of measures to be put in place to protect cybersecurity infrastructure, and GISEC 2025 could be where policymakers and tech giants will draft the playbook. Al Issa added, “Over the next five years, we can expect a major shift toward structured, regulation-driven cybersecurity approaches. AI-driven OT threat detection, the widespread adoption of Zero Trust principles and deeper integration of compliance frameworks will define the regional OT cybersecurity landscape. Stricter regulatory frameworks and compliance mandates region-wide will push for better security practices.”

Organised by Dubai World Trade Centre, GISEC Global 2025 is hosted by the UAE Cybersecurity Council under the theme of ‘Securing an AI-Powered Future’, and supported by Dubai Electronic Security Center (DESC), UAE Ministry of Interior and Dubai Police.

Continue Reading
Advertisement

Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.