A major international law enforcement operation called Red Card 2.0 resulted in 651 arrests and the recovery of over $4.3 million from cybercriminal groups across Africa. The operation, involving Interpol, 16 African countries, and private cybersecurity firms, targeted various fraud schemes including investment scams and a syndicate that infiltrated a telecom provider. The article highlights that cybercrime in Africa is increasingly organized and transnational, with criminals using AI to enhance attacks like phishing. It also emphasizes the growing importance of public-private partnerships and regional cooperation to combat these threats despite resource challenges for some local agencies. The main topics covered are the results of Operation Red Card 2.0, the nature of cybercrime in Africa, and the collaborative efforts to fight it.
Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia Pacific
Operation Red Card 2.0 Leads to 651 Arrests in Africa
In the latest operation targeting cybercrime groups, African law enforcement agencies cooperated with Interpol and cybersecurity firms to recover more than $4.3 million.
African law enforcement agencies continue to make headway against the cybercrime syndicates seeking to establish a foothold in various nations on the continent.
In December and January, law enforcement officers from 16 African countries worked with Interpol and private companies to disrupt some major cybercriminal operations. Among them were investment fraud rings in Nigeria and Kenya, a mobile loan-fraud operation in Côte d’Ivoire, and a cybercrime syndicate in Nigeria that had gained access to the internal operations of a major telecommunications provider, Interpol stated in a Feb. 18 announcement. In total, the operation — dubbed Red Card 2.0 — accounted for 651 arrests and recovered more than $4.3 million.
The international law enforcement coalition coordinated with local law enforcement agencies, providing resources, actionable intelligence, and training, says Enrique Hernandez Gonzalez, assistant director of cybercrime operations at Interpol.
"Operation Red Card 2.0 served as a deterrence measure, sending a clear and unambiguous message to both active and potential offenders that such criminal activities will not be tolerated," he says. "Recent operations show strong engagement from African member countries, with increasing results in recent months, reflecting a clear commitment to tackling this threat."
The latest operation follows a number of other announced law-enforcement surges, such as Operation Serengeti, Operation Sentinel, and the original Operation Red Card.
Cybercrime has been a growing problem in Africa, which has become a destination for Southeast Asia cybercrime syndicates looking to expand their operations. Both global and homegrown cybercriminals have also turned to AI services and large language models (LLMs) to improve their attacks. AI-crafted phishing attacks, for example, can achieve a 54% click-through rate, a significant 4.5-times improvement compared to pre-AI campaigns.
Public-Private Partnerships
To combat the wave of cybercrime, African law enforcement agencies are working more closely together, nations are harmonizing their legal frameworks, and National Liaison Offices (NLOs) are standardizing on essential equipment and investigative methods.
In addition, Interpol has teamed up with both local law enforcement and private companies to offer threat intelligence, analyze malware and threat campaigns, and identify the infrastructure being used by the cybercriminals. Trend Micro provided Interpol and its local law enforcement partners with threat intelligence as part of Operation Red Card 2.0, including analyses of loan app scams employed by cybercriminals, the company told Dark Reading.
Another partner, threat-intelligence provider Team Cymru, used network telemetry and other datasets to identify the infrastructure and activity connected to crypto-related scams and financial fraud. Overall, those cybercriminal operations siphoned off more than $45 million from consumers and businesses, says Jacomo Piccolini, community manager at Team Cymru.
Their research confirmed a trend already documented by the broader security community — cyber-enabled fraud on the continent is increasingly organized, scalable, and transnational, Piccolini says.
"What stands out is how effectively criminal networks are exploiting the rapid growth of mobile financial services and digital connectivity across African markets," he says. "This isn't opportunistic crime. It's structured, and the infrastructure supporting it crosses borders easily."
For Community and Country
Many local law enforcement groups continue to lack the resources needed to support investigations and turn intelligence into actionable insight, says Joshua Paul Ignacio, a senior threat researcher at Trend Micro. Beyond that, however, national governments need to educate users about cyber-fraud and other popular cybercriminal tactics, he says.
"Governments should prioritize raising awareness about safe internet practices and the common tactics used by cybercriminals," Ignacio says. "With the increasing number of internet users in the region, educating the public on how to navigate the internet safely is essential."
Interpol's Hernandez agrees that the collaboration must extend beyond just helping law enforcement perform better investigations. Interpol, for example, is also working on "active cyber offender prevention," where education and training aims to divert cybersecurity-skilled individuals from cybercrime to using their skills for their community and their country.
"Cybercrime cannot be mitigated by involving only law enforcement agencies, it also needs support from all the different stakeholders in the cyber-ecosystem ... to work together and make Africa a safer region," he says.
Among its other successes, Operation Red Card 2.0 highlights the importance of the the intelligence-sharing pipeline between the private sector and law enforcement. Done right, intelligence sharing can pay dividends, but often private companies and government agencies do not want to share, says Piccolini.
"Cybercrime moves faster than any single organization can track on its own," he says, "and formalizing channels for private sector threat intelligence to reach law enforcement, as happened here, is something more countries should institutionalize rather than treat as a case-by-case arrangement."
Read more about:
DR Global Middle East & Africa
Meridiano
