INTERPOL has revealed that a Ghanaian financial institution suffered a major ransomware attack that encrypted massive volumes of data and disrupted essential services. The incident was uncovered during Operation Sentinel, a coordinated cybercrime crackdown conducted between October 27 and November 27 across 19 African countries, targeting business email compromise, digital extortion, and ransomware operations.
According to INTERPOL, the attack on the unnamed institution led to the encryption of 100 terabytes of data and the theft of approximately USD 120,000, severely impacting operations and access to critical systems. Ghanaian authorities responded with advanced malware analysis, which enabled investigators to identify the ransomware strain involved. This facilitated the creation of a decryption tool that successfully restored nearly 30 terabytes of encrypted data, significantly mitigating the overall damage.
INTERPOL said multiple suspects linked to the attack have been arrested, as investigations continue into the wider criminal network behind the breach. The case formed part of a broader operation that led to 574 arrests across Africa and the recovery of about USD 3 million in illicit proceeds, with financial losses linked to the investigated cases estimated at more than USD 21 million.
Neal Jetton, INTERPOL’s Director of Cybercrime, warned of the increasing sophistication of cyberattacks across the continent, particularly against essential sectors such as finance and energy. “The pace and sophistication of cyberattacks across Africa are intensifying, particularly against vital sectors such as finance and energy. The results of Operation Sentinel highlight the dedication of African law enforcement agencies, working hand in hand with international partners.
Their efforts have safeguarded livelihoods, protected sensitive personal data, and preserved critical infrastructure,” he stated. INTERPOL explained that Operation Sentinel was carried out under the African Joint Operation against Cybercrime, with support from international partners, including private cybersecurity firms that provided technical expertise in tracking malicious activity and freezing illicit financial assets.
The incident has reignited calls for stronger cybersecurity frameworks and sustained investment in digital resilience within Ghana’s financial sector, as cybercriminals increasingly target institutions managing large volumes of sensitive data.
Source: Kweku Zurek