Timeframe: 2024 to 2025
Budget: GBP 2.68 million
Donor: United Kingdom - Foreign, Commonwealth & Development Office (UK FCDO)
The situation
The African region is seeing unprecedented growth and development in the digital technology sector, particularly in financial technology and e-commerce.
However, this rapid digitalization has also brought with it a variety of security threats that can have a severe impact. Leveraging the increased reliance on technology, attackers employ various techniques to steal personal data and execute fraudulent activities. Prominent cyber threats in the region include digital extortion, ransomware deployments, sophisticated online scams (like phishing), and business email compromise (BEC) schemes.
The absence of robust cybersecurity standards creates a critical gap in protecting online services. This exposes critical infrastructure like banks and government institutions to cyberattacks, potentially leading to data breaches, financial losses, and disruptions in trade. Addressing this gap through stronger cybersecurity standards is essential.
Project aims
Building upon the achievements of the AFJOC initiative (2021-2023), the AFJOC II project aims to further enhance the capabilities of national law enforcement agencies in Africa. This will be achieved through continued focus on preventing, detecting, investigating, and disrupting cybercrime activities. This is achieved by:
- gathering and analysing information on cybercriminal activity;
- carrying out intelligence-led, coordinated action;
- promoting cooperation and best practice amongst African member countries.
Project activities
- Analytical support and intelligence – timely and accurate intelligence is vital in any effective law enforcement response to cybercrime. Our Cyber Activity Reports are important resources, providing insight on cyber threats targeting specific countries or regions;
- Developing regional capacity and capabilities to combat cybercrime – collaborative platforms such as the Cybercrime Collaborative Platform and Cyber Fusion Platform allow for secure communications and exchange of data on operations;
- Joint Operational Framework – this addresses cybercrime threats through collaboration between law-enforcement agencies, private sector and other international/intergovernmental organizations;
- Operational support and coordination – our operations help dismantle the criminal networks behind cybercrime;
- Awareness-raising campaigns – promoting good cyber practices for individuals and businesses in Africa.
Our African Cybercrime Operations Desk is responsible for implementing AFJOC. It works in close partnership with key regional stakeholders, in particular the African Union and AFRIPOL, law enforcement communities and the private sector.
Project updates
May 2024
African Cyberthreat Assessment Report – 2024
The third edition of this report by INTERPOL provides a comprehensive analysis of the prominent cyber threats impacting the African continent, drawing upon internal intelligence, operational insights, surveys, and contributions from private sector partners. Key findings highlight a continent-wide surge in cybercrime, with ransomware, business email compromise, and online scams emerging as rapidly expanding threats in 2023. The report underscores the critical nature of ransomware attacks targeting essential infrastructure and the prevalence of online scams affecting individuals and companies with significant financial implications. Moreover, it details the evolving tactics of threat actors, including the exploitation of social media and advanced social engineering techniques. While African countries have made strides in legislative development and enhancing law enforcement capabilities, the report identifies challenges to achieving a comprehensive approach to countering cybercrime. The report concludes with strategic recommendations from INTERPOL, emphasizing the importance of unified cybersecurity measures, investment in law enforcement capacities, public awareness, and international cooperation to strengthen cybersecurity across the continent.
29 April – 3 May 2024
10th Africa Working Group on Cybercrime – Abuja, Nigeria
The 10th Africa Working Group on Cybercrime gathered 150 participants from nearly all of the continent's member countries (49 out of 54) to address the escalating challenges of cybercrime amid Africa's rapid digital transformation and heightened connectivity. This crucial meeting aimed to raise awareness and tackle issues related to cyber threats across the region. Additionally, 10 operational side meetings involving 15 Member Countries and various private partners were held to discuss ongoing cases and strategize future operations, further enhancing collaboration and cooperation in combating cybercrime in Africa.
April – July 2023
Africa Cyber Surge Operation II
INTERPOL-coordinated operation leveraged private sector intelligence to pro-actively combat cybercrime. Organized in collaboration with AFRIPOL, the initiative streamlined cooperation between African law enforcement agencies to prevent, mitigate, investigate, and disrupt phishing, cyber extorsion, business email compromise and online scams.
March 2023
African Cyberthreat Assessment Report - 2022
As African countries move to incorporate digital infrastructure into all aspects of society – including government, business and banking, it is vital to promote a strong cybersecurity framework.
Our annual reports help countries in Africa to understand the most prevalent threats and formulate a coordinated regional response to cybercrime. The African Cyberthreat Assessment Report was produced as a result of cross-sector collaboration between key regional stakeholders as well as law enforcement agencies and the private sector.
November 2022-January 2023
Operation Contender
This operation targeted criminal groups behind romance scams and Business Email Compromise within the West African region.
Close cooperation between our Regional African Desk, private sector partners and national authorities in Finland, Switzerland, Cote d’Ivoire and Benin was essential in successfully detecting and disrupting cybercrime.
Cybercrime investigation also resulted in the arrest of three suspects in Cote d’ Ivoire and Benin as well as the seizure of digital and mobile devices.
July – November 2022
Africa Cyber Surge Operation
Law enforcement officials helped fight cybercrime through coordinated action, utilizing INTERPOL platforms, tools and channels. Participating countries were able to improve their own national cyber security by securing vulnerable critical infrastructure.
During this operation, officials took action to remove malicious infrastructure linked to botnet activity, and the dissemination of mass phishing, spam and online extortion activities (e.g. romance scams, banking scams and theft of data).
December 2022
Operation Falcon II
We supported the Nigerian Police Force (NPF) to combat major cybercrime threats such as Business Email Compromise (BEC), invoice scams and mass phishing campaigns. Private sector partners also provided key technical expertise and consultancy to help police authorities prevent and investigate attacks.
June 2022
#YouMayBeNext
Our #YouMayBeNext campaign focused on digital extortion threats including ransomware, sextortion and Distributed Denial-of-Services (DDoS). The campaign offered tips to ensure that individuals and businesses are better equipped with the knowledge to safeguard their systems, networks and devices.
May 2022
Operation Delilah
We supported national police authorities to arrest a Nigerian man in this international operation, spanning four continents. The suspect was alleged to have run a transnational cybercrime syndicate that launched mass phishing campaign and business email compromise schemes targeting companies and individual victims.
October 2021
#JustOneClick campaign
This campaign focused on online scams and phishing, ransomware and Business Email Compromise. Basic cyber hygiene advice was provided throughout the campaign, to ensure that individuals and businesses are equipped with the knowledge of how to protect their systems and data.