First-of-its-kind 13-country INTERPOL operation results in 201 arrests, identification of 3,867 victims, and seizure of 53 servers — supported by Team Cymru’s threat intelligence.
Team Cymru, a global leader in external threat intelligence and internet visibility, announced its role as a private-sector partner in Operation Ramz, a first-of-its-kind cybercrime operation in the Middle East and North Africa (MENA) region coordinated by INTERPOL. Running from October 2025 to 28 February 2026, the operation brought together law enforcement agencies from 13 countries to investigate and disrupt malicious infrastructure, identify and arrest suspects, and prevent further victimisation across the region.
Also Read: CIO Influence Interview with Kyle Wickert, Field CTO at AlgoSec
Working alongside INTERPOL and fellow private-sector partners Group-IB, Kaspersky, the Shadowserver Foundation and TrendAI, Team Cymru contributed threat intelligence and internet-scale visibility to help participating countries track illegal cyber activities and identify malicious servers underpinning phishing, malware and large-scale cyber scams targeting the region.
“Cybercrime is borderless, and the only effective response is one that is equally borderless. Operation Ramz is exactly that kind of response, law enforcement and trusted private-sector partners pooling intelligence, moving in concert, and dismantling the infrastructure that criminals depend on,” said Joe Sander, CEO, Team Cymru. “We are proud to have supported INTERPOL and the 13 participating MENA countries with the visibility needed to turn data into action, and we will continue investing in the partnerships that protect victims and hold offenders to account.”
Operation Ramz at a glance
- 201 individuals arrested and a further 382 suspects identified.
- 3,867 victims identified across participating jurisdictions.
- 53 servers seized.
- Nearly 8,000 pieces of crucial data and intelligence disseminated among participating countries to initiate and support investigations.
- 13 participating countries: Algeria, Bahrain, Egypt, Iraq, Jordan, Lebanon, Libya, Morocco, Oman, Palestine, Qatar, Tunisia and the UAE.
The operation focused on neutralising phishing and malware threats, as well as tackling cyber scams that inflict severe cost to the region. Operational highlights released by INTERPOL include the dismantling of a phishing-as-a-service website in Algeria, the seizure of phishing tooling and banking data in Morocco, the disruption of a fraudulent investment platform in Jordan (where 15 individuals working the scams were determined to be victims of human trafficking), the remediation of compromised devices in Qatar, and the take-down of a vulnerable server hosting sensitive information in Oman.
“In a world where cybercriminals exploit the digital landscape without borders, Operation Ramz demonstrates the effectiveness of global collaboration,” said Neal Jetton, Director of Cybercrime, INTERPOL. “INTERPOL is dedicated to working with its member countries and private sector partners to take down malicious infrastructure, disrupt criminal groups and bring perpetrators to justice.”
Catch more CIO Insights: The CIO as a Value Creator: Moving Beyond Cost Centers to Revenue Drivers
[To share your insights with us, please write to psen@itechseries.com ]
