Report - IOCTA

Internet Organised CrimeThreat Assessment

November 11, 2021

The exceptional COVID-19 crisis has fuelled the increase of cybercrime in all its forms, while grey infrastructure serves to facilitate the proliferation of crime.

The IOCTA is Europol’s flagship strategic product that provides a law enforcement focused assessment of evolving threats and key developments in the area of cybercrime. In previous versions of the IOCTA it was highlighted that the persistent nature of various modi operandi meant that changes of cybercrime threats were rarer than commonly perceived. Last year’s IOCTA captured the landscape by reflecting on how cybercrime is an evolution rather than a revolution.

In this year’s report, the impact of the COVID-19 pandemic remains visible. The accelerated digitalisation related to the pandemic has significantly influenced the development of a number of cyber threats, including:

  • Ransomware affiliate programs enable a larger group of criminals to attack big corporations and public institutions by threatening them with multi-layered extortion methods such as DDoS attacks. 
  • Mobile malware evolves with criminals trying to circumvent additional security measures such as two-factor authentication.  
  • Online shopping has led to a steep increase in online fraud. 
  • Explicit self-generated material is an increasing concern and is also distributed for profit.
  •  Criminals continue to abuse legitimate services such as VPNs, encrypted communication services and cryptocurrencies. 

For this year’s IOCTA, the project team surveyed all European Union Member States (EU MS), a limited number of third countries, members of Europol’s advisory groups and internal specialists. These were asked about what changes had specifically taken place in the threat landscape over the past 12 months. By limiting ourselves to four questions about the past 12 months, focused on changes in the prevalence and modi operandi of cybercrime, we wanted to ensure that our approach focused on the most relevant developments. The inclusion of input from trusted partners in the private sector through our Advisory Group members also assisted in the development of a comprehensive overview of the most up-to-date cybercrime threat landscape.

Cite this publication: Europol (2021), Internet Organised Crime Threat Assessment (IOCTA) 2021,
Publications Office of the European Union, Luxembourg.

You can read the full report here.