Crime-as-a-Service lowers entry barriers to cybercrime world

29 Sep, 2014

Europol report sheds light on the rise of the Crime-as-a-Service business model

Europol Cyber Crime Centre (EC3) has sounded the alarm over the rise of the Crime-as-a-Service business model, and how it’s lowering the barriers to entry into the world of cybercrime.

According to the organisation’s 2014 Internet Organised Crime Threat Assessment (iOCTA), the model allows cybercriminals to develop sophisticated malicious products and services before selling them on to the less experienced to use via the “digital underground” world.

As a result, it’s getting easier for less technically-minded criminals to engage with cybercrime, putting companies at even bigger risk.

“In a simplified business model, a cybercriminal’s toolkit may include malicious software, supporting infrastructure, stolen personal and financial data and the means to monetise their criminal gains,” the report states.

“With every aspect of this toolkit available to purchase or hire as a service, it is relatively easy for cybercrime initiates – lacking experience and technical skills – to launch cyber attacks not only of a scale highly disproportionate to their ability but for a price similarly disproportionate to the potential damage.”

Many of these transactions take place on the “Dark Net”, which the report states has fuelled evolution of cybercrime in recent years.

Cecilia Malmström, EU commissioner for Home Affairs, said almost anyone can become a cybercriminal these days, thanks to the proliferation of the anonymous and hidden internet.

“This put an even increasingly pressure on law enforcement authorities to keep up,” she said.

“We need to use our new knowledge of house organised crime operates online to launch more transactional operations. We need to ensure that investigations into payment card fraud and online child abuse don’t stop at national borders,” Malmström added.

Professor Alan Woodward from the University of Surrey, who co-authored the report, added: “If agencies fail to mobilise to meet the threats highlighted in this report then organised cybercrime will gain the upper hand.

“However, if agencies work together, across borders, then we can use modern technologies to catch criminals, rather giving them a platform for ever more innovative forms of crime.”

Read more about