Forget the cliché of a solitary figure in a hoodie hunched over a keyboard in a dark room crunching lines of codes. It is an image that no longer accurately reflects today’s cybercrime landscape, where criminals operate as business-like syndicates across borders. 

Europol’s ninth Internet Organised Crime Threat Assessment (IOCTA), whose first module is published today, takes an in-depth look into the online criminal ecosystem, examining notable actors, their attack vectors and victims. 

Cybercrime has become a big business, with an entire illicit economy set up to support it with service providers, recruiters and financial services. This makes investigating cyber-attacks ever more challenging for law enforcement, with multiple specialised actors working on parts of the criminal process from every corner of the globe. 

Europol’s IOCTA aims at providing and understanding of modern cybercrime to equip law enforcement with the knowledge to fight back. This report and accompanying modules are based on operational information contributed to Europol’s European Cybercrime Centre, combined with expert insights and open source intelligence. 

Focus of the report 

• Cybercriminal services are intertwined
• Similar techniques for different goals
• The central commodity is stolen data
• Same victims, multiple offences
• The underground communities to educate and recruit cybercriminals
• What happens with the criminal profits?
• Europol’s support

The current summary presents the main overarching findings concerning the different typologies of cybercrime, namely cyber-attacks, online fraud schemes and online child sexual exploitation. It will be followed by a series of spotlight publications covering each of the crime areas in-depth.