More than 22,000 malicious IP addresses and servers linked to cyber threats have been taken down in a global operation by Interpol.
Operation Synergia II, which included participants from private sector partners and law enforcement agencies from 95 Interpol member countries, targeted phishing, ransomware and information stealers between April and August this year. During the period, the members:
- identified about 30,000 suspicious IP addresses – of which 76% were taken down;
- seized 59 servers;
- seized 43 other electronic devices such as laptops, mobile phones and hard disks; and
- srrested 41 individuals – with 65 others still under investigation.
“The global nature of cybercrime requires a global response which is evident by the support member countries provided to Operation Synergia II. Together, we’ve not only dismantled malicious infrastructure but also prevented hundreds of thousands of potential victims from falling prey to cybercrime,” said Neal Jetton, Interpol’s Director of the Cybercrime Directorate.
China, Mongolia, Madagascar, Estonia
During the operation, participating law enforcement agencies conducted preliminary investigations leading to coordinated actions such as house searches, disruption of malicious cyber activities, and seizing servers and electronic devices.
In Operation Synergia II, actions in participating countries included:
- Hong Kong (China): Police took more than 1,037 servers linked to malicious services offline.
- Mongolia: Investigations included 21 house searches, seizing a server, and identified 93 individuals connected to illegal cyber activities.
- Macau (China): Police took 291 servers offline.
- Madagascar: Authorities identified 11 individuals relating to malicious servers, and seized 11 electronic devices for further investigation.
- Estonia: Police seized more than 80GB of server data. The authorities are now working with Interpol to analyse the data – which is linked to phishing and banking malware.
“Interpol is proud to bring together a diverse team of member countries to fight this ever-evolving threat and make our world a safer place,” Jetton said.
Increasing threats
We have covered the increasing ransomware attacks happening around the world, with Russian-peaking countries linked to most attacks. And a report by Comparitech declared that ransomware attacks have cost the global financial industry over $32.3 billion in downtime losses alone between 2018 and June 2023.
A report from Egress showed that 92% of organizations had been victims of successful phishing attacks in 2022, and that 99% of cybersecurity leaders are said to be stressed about email security. And research by Trustwave SpiderLabs has showed that hackers are producing more effective phishing attacks by using improved Generative AI and Large Language Models which make it harder to detect the malicious emails.
Now, according to Interpol, ransomware attacks increase on average 70% globally in 2023, and sales of logs collected from infostealers increased 40% on the dark web.