Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Mauko, Ema, Johnson, Shane D, Mariconti, Enrico
Format: Preprint
Veröffentlicht: 2026
Schlagworte:
Online-Zugang:https://arxiv.org/abs/2604.00063
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
_version_ 1866914435767992320
author Mauko, Ema
Johnson, Shane D
Mariconti, Enrico
author_facet Mauko, Ema
Johnson, Shane D
Mariconti, Enrico
contents Cloud computing has drastically altered the ways in which it is possible to deliver information technologies in a service-led structure, however, this has also been reflected in the cybercrime domain. Cybercrime as a Service is an economic model where a technically skilled actor offers a given cyberattack as an end-to-end service to non-technical actors who pay a subscription fee for said service. The services, which can vary in scope, targets, and delivery modes, include everything from the vulnerability discoveries, delivery of the attack, and the attack itself to financial rewards to the subscriber. In this scoping literature review, we analysed 195 articles from both academic and grey literature with a view of investigating the services articles studied, the methodological approach the how the CaaS model is predicted to develop in the future. Our review indicates that with further commercialisation of the model will further lower the barrier of entry to the cybercrime realm, increase sophistication of the attacks and increase resilience of the service providers and their ecosystem which will result in harder shutdowns of services by the authorities. Furthermore, as the model becomes more accessible, groups such as organised crime groups, extremist actors may use them as well, which may have implications for criminal activity in both cyber and physical domains.
format Preprint
id arxiv_https___arxiv_org_abs_2604_00063
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle Cybercrime as a Service: A Scoping Review
Mauko, Ema
Johnson, Shane D
Mariconti, Enrico
Cryptography and Security
Emerging Technologies
Cloud computing has drastically altered the ways in which it is possible to deliver information technologies in a service-led structure, however, this has also been reflected in the cybercrime domain. Cybercrime as a Service is an economic model where a technically skilled actor offers a given cyberattack as an end-to-end service to non-technical actors who pay a subscription fee for said service. The services, which can vary in scope, targets, and delivery modes, include everything from the vulnerability discoveries, delivery of the attack, and the attack itself to financial rewards to the subscriber. In this scoping literature review, we analysed 195 articles from both academic and grey literature with a view of investigating the services articles studied, the methodological approach the how the CaaS model is predicted to develop in the future. Our review indicates that with further commercialisation of the model will further lower the barrier of entry to the cybercrime realm, increase sophistication of the attacks and increase resilience of the service providers and their ecosystem which will result in harder shutdowns of services by the authorities. Furthermore, as the model becomes more accessible, groups such as organised crime groups, extremist actors may use them as well, which may have implications for criminal activity in both cyber and physical domains.
title Cybercrime as a Service: A Scoping Review
topic Cryptography and Security
Emerging Technologies
url https://arxiv.org/abs/2604.00063