Europol has recently released its 2017 report on organized (SOCTA) crime in the EU. In this report they identify 5 key threats to Europe from organized crime groups. In addition to cybercrime itself, the report pulls forward illicit drugs crimes, migrant smuggling, organized property crime and labor market crime. Cybercriminal activities are often integral to or supporting also the other key operations of organized crime groups.

Key tools of organized crime groups are

• Corruption
• Counterintelligence against law enforcement
• Money laundering
• Document fraud
• Online trade
• Technology
• Violence and extortion

They carry out crimes through currency counterfeiting, various cybercrimes including child exploitation, payment fraud, data trade and malware campaigns. Also sports corruption is a major area for organized criminals, drawing profits from the gambling markets.

Document fraud is increasing and is a significant threat to Europe. It is an enabler of types of criminal activities, including terorrism. These documents are increasingly traded online.

Document fraud is one of the key drivers of identity theft. Document fraud can be necessary to facilitate other criminal activities, and cyberattacks may be used to steal credentials used to obtain documents.

Trade in illicit goods is increasing, and a lot of this trade is conducted on darknet sites. Key products are drugs, illegal firearms and malware. Other Crime-as-a-service segments are also of interest, like botnets for hire, ransomeware-as-a service, exploit coding. Europol sees Crime-as-a-Service as a growing threat to society, according to the SOCTA 2017 report. In particular the growth in ransomeware (#fiction #usecase) targeting not only individuals but also public and private organizations is worrying.

Geopolitical events are driving changes in organized crime in Europe. Conflicts close to European borders are influencing crime through migration, need for illicit goods, as well as European targets being picked by non-European fighters performing terrorist acts in Europe. Cybercrime is one source of funding for such terror groups, in addition to cybercrime being an enabler of the organized crime groups that support the needs of terrorism through illicit firearms trade, trade in drugs and narcotics and human trafficking.

Pulling EUROPOL’s intelligence into your cybersecurity threat context

What does this mean for European businesses? Depending on your exposure, technology base and value chain, this may affect the threat landscape for your organization.

• Increasing the direct threat level, e.g. ransomeware and payment frauds
• Supply chain effects, including money laundering schemes
• Threats to your intellectual property
• Corruption affecting your markets, including partners, owners, suppliers and customers
• Potential investments from money laundering schemes into your infrastructure

If growth in the activities of organized crime groups affects your threat landscape, it may also mean that you need to rethink your cybersecurity defense priorities. Is availability still the main threat, or are confidentiality issues coming to the forefront?