Cybercrime-as-a-Service: the rise of a new criminal business model

23 Mar Cybercrime-as-a-Service: the rise of a new criminal business model

Posted at 13:56h in NOTIONES by admin

The rise of Cybercrime-as-a-Service (CaaS) is significantly transforming the landscape of organised cybercrime. Instead of acting individually, cybercriminals increasingly operate within complex digital ecosystems where specialised actors provide ready-to-use tools, infrastructure and expertise to support cyberattacks.

Recent analyses from Europol, including the Internet Organised Crime Threat Assessment (IOCTA 2025), highlight how cybercriminal networks are becoming increasingly professionalised and structured. Within these ecosystems, different actors offer services such as malware development, phishing kits, ransomware platforms, or access to compromised systems through so-called Initial Access Brokers. This service-based model lowers the technical barriers to entry, enabling individuals with limited expertise to launch sophisticated cyberattacks by purchasing or renting criminal capabilities online.

According to Europol’s assessment, stolen data has become a key commodity in the cybercrime economy, traded across underground marketplaces and used to facilitate a wide range of criminal activities including ransomware operations, online fraud and identity theft.

Understanding these evolving criminal ecosystems is essential for improving threat intelligence, investigative capabilities and strategic foresight. In this context, the NOTIONES project contributes to advancing knowledge on emerging technologies and evolving security threats by supporting intelligence analysis, identifying innovation opportunities, and fostering dialogue between law enforcement, researchers and industry.

Reference
Europol (2025). Internet Organised Crime Threat Assessment (IOCTA 2025): Steal, deal and repeat – how cybercriminals trade and exploit your data. https://www.europol.europa.eu/publications-events/main-reports/internet-organised-crime-threat-assessment-iocta-2025

Author: FUNDACION TECNALIA RESEARCH & INNOVATION

Keywords: Cybercrime-as-a-Service (CaaS), Data theft, Cyber threat intelligence, Organised cybercrime

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.