The operation, known as Operation Synergia III, was carried out between July 18, 2025, and January 31, 2026, with law enforcement agencies from 72 countries and territories participating.

According to INTERPOL, the coordinated effort led to the arrest of 94 suspects, while investigations are ongoing into an additional 110 individuals connected to the cybercrime network.

The agency noted that the success of the operation was driven by its ability to convert intelligence into actionable insights, strengthen cross-border collaboration, and provide targeted operational support to member countries in tackling evolving digital threats.

Preliminary investigations, it said, led to a series of coordinated actions by national authorities, including raids on key locations and the disruption of malicious cyber activities.  In total 212 electronic devices and servers were seized, it announced.

According to the organisation, participating countries and territories included: Nigeria, Angola, Argentina, Austria, Bahrain, Bangladesh, Bolivia, Bosnia and Herzegovina, Botswana, Brazil, Brunei, Burkina Faso, Burundi, Cameroon, Colombia, Democratic Republic of Congo, Eritrea, Eswatini, France, Gambia, Georgia, Greece, Guatemala, Guinea, Guinea Bissau, Guyana, and Honduras.

Others were: Iceland, India, Iraq, Ireland, Israel, Japan, Jordan, Kazakhstan, Kenya, Kuwait, Latvia, Lebanon, Lesotho, Liechtenstein, Macao (China), Madagascar, Malaysia, Maldives, Moldova, Mongolia, Niger, North Macedonia, Oman, Pakistan, Palestine, Paraguay, Philippines, Poland, Qatar, Singapore, South Africa, South Sudan, Spain, Sri Lanka, Switzerland, Tanzania, Togo, Türkiye, Uganda, Ukraine, United Arab Emirates, United Kingdom, Venezuela, Zambia and Zimbabwe.

INTERPOL’s Director of the Cybercrime Directorate, Neal Jetton, commenting on the development said: “Cybercrime in 2026 is more sophisticated and destructive than ever before, but Operation Synergia III stands as a powerful testament to what global cooperation can achieve.

“INTERPOL remains at the forefront of this fight, uniting law enforcement agencies and private sector experts to dismantle criminal networks, disrupt emerging threats and protect victims around the world.”

Although several investigations are still ongoing in participating countries, preliminary reports of key cases, it said, demonstrate the breadth of the criminal tactics employed, including fraudulent websites, romance scams and credit card fraud.

For instance, law enforcement in Macau, China identified more than 33,000 phishing and fraudulent websites, related to fake casinos and critical infrastructure, such as official bank, government and payment service sites.

“Victims are defrauded by topping up their accounts via the fraudulent sites or by having their personal information and credit card details stolen,” the INTERPOL noted.

Besides, police in Togo arrested 10 suspects operating a fraud ring from a residential area. Some specialised in technical crimes such as hacking social media accounts, while others carried out social engineering schemes including romance scams and sextortion.

“After gaining access to an account, the criminals contacted the victim’s online contacts, impersonating the account holder to build fake romantic relationships or deceive friends and family members. Their ultimate goal was to persuade these secondary victims to make money transfers.

“In Bangladesh, police arrested 40 suspects and seized 134 electronic devices related to a large range of cybercrime schemes, including loan and job scams, identity theft or credit card fraud,” it added.

During Operation Synergia III, INTERPOL said it worked closely with its partners, Group-IB, Trend Micro and S2W, to track illegal cyber activities and identify malicious servers.

Security, infrastructure, and cloud teams are consistently under pressure to manage an ever-growing, ever-changing attack surface as IT environments become more complex and distributed.

Vulnerability scanning offers comprehensive surfacing of any potential issues in an environment without always having a realistic risk or security implication attached to it.

Penetration testing while a highly effective and targeted exercise, is costly and therefore does not scale.

The only way to cost-effectively perform continuous pentesting is to have the ability to continuously monitor and analyse the attack surface to prioritise risk mitigation.

Bridging the gap between scanning and penetration testing

ActiveWatch eliminates this compromise between scanning and pentesting by integrating both methodologies, ensuring continuous attack surface monitoring.

“ActiveWatch bridges this critical gap by employing a suite of scanners – both open source and custom – in an effective workflow that detects early signals and indicators that seasoned hackers recognise as precursors to deeper vulnerabilities,” says Orange Cyberdefense CTO Leon Jacobs.

“Upon detecting these signals, our expert team conducts manual verification and investigation, avoiding false positives and delivering high-quality, impactful alerts.”

By combining advanced automated scanning with the expertise of seasoned penetration testers, ActiveWatch ensures organisations receive high-quality, actionable alerts with zero false positives while closing critical security gaps that leave them vulnerable to attackers.

ActiveWatch delivers structured, high-quality vulnerability assessments conducted by trained professionals. Each identified signal undergoes thorough analysis, ensuring organisations receive only validated, relevant alerts.

“If you hear from us, it’s likely that we’ve discovered a seriously dangerous vulnerability or attack path that needs urgent remediation,” Jacobs explains.

Five key differentiators

• Continuous reconnaissance mode – Ongoing monitoring and discovery of external attack surfaces, spotting obscure risks that might be missed, including those exposed by shadow IT.
• Laser-focused alerts – Unlike conventional scanners that generate floods of information, ActiveWatch prioritises real, hacker-validated threats, ensuring security teams focus on effective risk mitigation.
• Human intelligence + smart technology – Ethical hackers utilise multiple scanning sources and workflows to analyse findings, delivering high-quality, demonstrable, and reproducible reports.
• The crowd effect – The more scanning data at hand, the more one can correlate across multiple clients, providing compounding security benefits.
• Constant evolution – ActiveWatch detection capabilities are based on new research from both the industry and Orange Cyberdefense, plus penetration testing insights from traditional engagements, ensuring adaptation to growing threats.

Market validation and timing

The need for continuous and proactive monitoring has never been greater. The Forrester Wave: Attack Surface Management Solutions, Q3 2024 report underscores the importance of comprehensive attack surface visibility for effective exposure management.

It highlights that organisations must combine internal and external asset visibility to strengthen their cybersecurity strategy, along with continuous penetration testing of any identified attack surface.

Simple setup, maximum impact

Setting up ActiveWatch is simple and flexible. Organisations provide an inventory of their internet-facing infrastructure, including domains, hostnames, IP addresses, and brand-related information – anything an external attacker would find interesting.

Operationally, no access needs to be provisioned, nor do any agents need to be installed, making it extremely lightweight and low-effort for clients to activate. ActiveWatch takes the perspective of a motivated external attacker.

Uniquely, ActiveWatch doesn’t charge per-host or per-application, encouraging broad-based attack surface management while remaining highly cost-effective and scalable. Once initial test scans confirm stability, continuous monitoring begins, allowing ActiveWatch to adapt dynamically to evolving threats.

“ActiveWatch is designed to evolve alongside your organisation. Its flexible workflow continuously maps and monitors your external attack surface, while the Orange Cyberdefense SensePost Team constantly updates detection capabilities based on real-world threats. This ensures organisations aren’t just addressing today’s security challenges but are also prepared for future threats,” Jacobs concludes.

The threats stemming from vulnerable routers affect both households and organisations, moving beyond email compromises to physical home security. Despite this, people rarely think about the security of their devices.

According to research, 73% of users have never thought about upgrading or securing their router, making it one of the biggest threats impacting the Internet of Things today.

Here, Kaspersky experts recommend eight ways to protect your router from cyberattack:

1. To buy smart appliances second-hand is an unsafe practice. Their firmware could have been modified by previous owners to give a remote attacker full control over your smart home.

2. Don’t forget to change the default password on your router. Go for a complex one and change it regularly.

3. Don’t share serial numbers, IP addresses or other sensitive information regarding your smart devices like router on social networks.

4. Use WPA2 encryption – it’s the most secure for data transfer.

5. Disable remote access in the router ‘s settings. If remote access is still needed, you should disable it when it is not in use.

6. For more security, you can select a static IP address and disable DHCP, as well as protect Wi-Fi with a MAC filter.

These actions lead to you having to manually configure the connection of various additional devices to the router, so the process becomes longer and more complicated.

Nevertheless, it will be much more difficult for an intruder to penetrate the local network. Be aware and always check the latest information on discovered router vulnerabilities.

7. Having decided on a particular app or device, be sure to stay in the loop about updates and discovery of vulnerabilities. Install all updates released by the developers in a timely fashion.

8. Consider installing a special security solution that can help protect your home network and all connected devices.