When it comes to committing technology-based crimes, the first thing that comes to mind is cybercrime. While a full discussion of cybercrime is outside the scope of this report, everyone involved in law enforcement and security must be aware that it is becoming more audacious, with highly focused, crafted attacks resulting in serious damage to major, profitable targets. 17 One of the phenomena noted by the State of Crypto Crime report is the growth of the “Crime as a Service” business model, particularly seen in Ransomware as a Service (RaaS). Sophisticated hackers use the darknet to literally rent out easy-to-use malware to newcomers while taking a cut of the proceeds. This eliminates the need for the cybercrime expertise and infrastructures OCGs have needed in the past if they wanted to profit from ransomware; today, anyone can break into cybercrime with only minimal investment. In addition, according to Europol, Crime as a Service is harder for law enforcement to detect and carries lower penalties than traditional forms of criminal activity. 18 Cybercrime represents a profitable market to traditional OCGs since the barriers to entry are so low. In other words, serious and organized crime is being transformed by the “integration of digital systems in many criminal activities and the expansion of the online trade in illicit goods and services.” 19 For example, social engineering is one high-tech strategy–using email or other online communication- that criminals are leveraging to perpetrate insurance fraud. As reported in a 2017 U.S. government hearing, “as technology improves, so are the fraudsters improving the ways that they get more sophisticated and commit these crimes." 20 The same social engineering techniques are also becoming prevalent in other highly lucrative areas, such as investment fraud. 21 As many brick-and-mortar retailers have discovered over the last two decades, expanding into cyberspace makes sense because it allows them to access new markets and remain competitive, enabling them to stay in business when many other retailers haven’t survived globalization. The same is true for OCGs moving their activities into cyberspace. USE OF TECHNOLOGY TO COMMIT CRIMINAL ACTIVITIES 17 https://www.europol.europa.eu/newsroom/news/fighting-cybercrime-in-connected-future 18 https://www.europol.europa.eu/sites/default/files/documents/Europol_OrgCrimeReport_web-final_0.pdf 19 https://www.tracit.org/sectors.html 20 https://www.govinfo.gov/content/pkg/CHRG-115shrg34303/pdf/CHRG-115shrg34303.pdf 21 https://www.europol.europa.eu/activities-services/main-reports/internet-organised-crime-threat-assessment-iocta-2019 Illegal Trades Crime as a Service (CaaS) Ransomware as a Service (RaaS) Social Engineering Command- and-control networks 8