Recently, EUROPOL has published its SOCTA (Serious and Organised Crime Threat Assessment) report.
After having introduced the stakes of organised crimes and how it affects society as well as the digital world, this report explores the special tactics criminals use and the criminal landscape in Member States territories as well as in its cyberspace, with studying the geography of criminal networks.
SOCTA report, released every 4 years, remains a comprehensive analysis of law enforcement information on serious and organised crime affecting the EU.
‘Just as DNA serves as the blueprint for life, we are seeing a fundamental shift in the ‘blueprint’ of crime — the underlying tools, tactics, and structures employed by criminal networks’.
Through the report, this notion of ‘DNA’, appearing as a genuine spun metaphor, allows us to comprehend easier the several concepts and current stakes Europe is facing such as migrant smuggling, cyberattacks, organised crimes accelerated by Artificial intelligence (AI). Indeed, the blueprint of crimes evolves along with the technologies used by criminals. In this report, a particular case caught our attention: the rise of Cybercrime as a Service (CaaS) market in Europe. CaaS is a type of model in which cybercriminals provide various hacking and cybercrime services to other individuals or groups, typically for financial gains. It mainly turns out as essentially commodifying and commercializing cybercriminal activities, allowing even those with little technical expertise to engage in cybercrime. It includes for instance DDoS attacks (Distributed Denial of Service), Botnets-for-hire or also Ransomware as a Service. Since the beginning of the century, this whole economic system has increased considerably in the continent. The report mentions that this includes forms of cyberattacks like dark web market selling stolen data, intrusion services as well as criminal hosting and proxy providers – and AI plays a significant role in this data-theft attacks, though its hyper-realistic social engineering it provides.
Ransomware, known as a type of malware that encrypts the victim’s personal data, appears as a central threat that pollutes the European economic cyberspace. In February 2024, according to Europol, law enforcement from 10 countries disrupted the LockBit ransomware causing billions of euros of damages. As a matter of fact, this dismantled group setting a notorious ransomware-as-a-service (RaaS), first emerged in 2019 and created the ‘most variant ransomware across the world’. Indeed, in this type of attack, the core team creates its malware and runs its website, while licensing out its code to affiliates who launch attacks.
Europol sadly remains pessimistic through this study, even though more and more means are set to control cybercrime in Europe. There will inevitably be an increased number of attacks as the availability of CaaS is expanding with the support of generative AI technologies. Not only these attacks will increase in number, but their efficiency will be enhanced, particularly in the geopolitical context we’re going through – as cyber-attacks are increasingly directed by networks and agent based outside EU external borders from hostile foreign States, according to this SOCTA report.
Thus, the convergence of economic recession, geopolitical instability, and global inequality has created fertile ground for financially motivated cybercrime, with tech-savvy youth increasingly vulnerable to recruitment by criminal networks – and CaaS remains, here, a notable factor.
Arnaud Couture, PSC-Europe