Mappare il Crime-as-a-Service: analisi delle strutture, dei ruoli e dei servizi nell’offerta criminale digitale
DOI:
https://doi.org/10.32091/RIID0249Keywords:
Crime-as-a-Service, Illicit markets, Organized crime, Cybercrime, Digital criminologyAbstract
Mapping Crime-as-a-Service: An analysis of structures, roles, and services in the digital criminal offering
This study investigates the phenomenon of Crime-as-a-Service (CaaS) as a consolidated model of digital crime “industrialization.” In response to the gaps identified in the existing literature, the research adopts a methodological approach articulated along two main axes: (i) the analysis of the CaaS ecosystem in its structural, organizational and social dimensions; and (ii) the mapping of the services offered – both direct and indirect forms of support – and the underlying economic models. The common denominators emerging from this analysis are subsequently compared with the traditional criminological definitions of “organized crime” and, through the construction of a conceptual network graph, points of convergence, lines of divergence and areas of non-overlap between the two paradigms are highlighted. The aim of the study is to provide interpretative tools that can support theoretical-criminological understanding, legal qualification, and the more effective countering of digitally “organized” crime.
References
U. Akyazi, M. van Eeten, C. Hernández Gañán (2021), Measuring Cybercrime-as-a-Service (CaaS) Offerings in a Cybercrime Forum, in “Proceedings of the Workshop on the Economics of Information Security (WEIS 2021)”, 2021
A.A.M.A. Alwashali, N.A. Abd Rahman, N. Ismail (2021), A Survey of Ransomware-as-a-Service (RaaS) and Methods to Mitigate the Attack, in “Proceedings of the 14th International Conference on Developments in eSystems Engineering (DeSE 2021)”, IEEE, 2021
G.S. Becker (1968), Crime and Punishment: An Economic Approach, in “Journal of Political Economy”, 1968
M. Castells (1996), The Rise of the Network Society, Blackwell, 1996
R. Clarke, D. Cornish (1985), Rational Choice Theory, in “Crime and Justice”, 1985
D. Cornish, R. Clarke (1986), The Reasoning Criminal: Rational Choice Perspectives on Offending, Springer, 1986
A. Di Nicola, G. Baratto, B. Vettori (2025), Criminological definitions of organized crime on the digital test bench: towards a physical-digital framework, in “Trends in Organized Crime”, 2025
I.M.M. El Emary, K.A. Yaghi (2024), Machine Learning Classifier Algorithms for Ransomware LockBit Prediction, in “Journal of Applied Data Sciences”, vol. 5, 2024, n. 1
EUROPOL (2023), Cyber-attacks: the apex of crime-as-a-service (IOCTA 2023), 2023
EUROPOL (2017), European Union Serious and Organised Crime Threat Assessment Report (SOCTA) 2017, in www.europol.europa.eu/, 2017
G. Fiorinelli (2023), Nomina nuda tenemus? Lo statuto penalistico del crimine informatico tra mutamenti fenomenici e modificazioni semantiche, in “Discrimen.it”, 2023
W. Gibson (1984), Neuromancer, Ace Books, 1984
J. Hägvall, G. Valverde, (2024), A Case Study of DarkDock Marketplace: Seller-Buyer Trust & Reputation in Cybercrime Services, Linnaeus University, disponibile su DiVA Portal, 2024
R. Holland (2016), The Hacker Talent Shortage: What Organizations Can Learn from the Recruitment Efforts of Their Attackers, in “Digital Shadows”, 2016
K. Huang, M. Siegel, S. Madnick (2017), Cybercrime-as-a-Service: Identifying Control Points to Disrupt, CISL Working Paper n. 2017-17, Massachusetts Institute of Technology, 2017
C. Karapapas, I. Pittaras, N. Fotiou, G.C. Polyzos (2020), Ransomware-as-a-Service Using Smart Contracts and IPFS, in “2020 IEEE International Conference on Blockchain and Cryptocurrency (ICBC)”, IEEE, 2020
J. Lusthaus (2013), How organized is organised cybercrime?, in “Global Crime”, vol. 14, 2013
N. Lykousas, V. Koutsokostas, F. Casino, C. Patsakis (2023), The Cynicism of Modern Cybercrime: Automating the Analysis of Surface Web Marketplaces, in “2023 IEEE International Conference on Service-Oriented System Engineering (SOSE)”, IEEE, 2023
P.H. Meland, Y.F.F. Bayoumy, G. Sindre (2020), The Ransomware-as-a-Service economy within the dark-net, in “Computers & Security”, vol. 92, 2020
C. Patsakis, D. Arroyo, F. Casino (2024), The malware as a service ecosystem, in “Malware: Handbook of Prevention and Detection”, Springer Nature, 2024
C. Pecorella (2006), Il diritto penale dell’informatica, CEDAM, 2006
L. Picarella (2025), Criminalità in rete. Dalle piattaforme illegali alle cybermafie, Donzelli, 2025
L. Picotti (2011), La nozione di «criminalità informatica» e la sua rilevanza per le competenze penali europee, in “Rivista trimestrale di diritto penale dell’economia”, 2011, n. 4
T.C. Schelling (1967), Economics and Criminal Enterprise, in “The Public Interest”, 1967, n. 7
W. Tsai, X. Bai, Y. Huang (2014), Software-as-a-Service (SaaS): Perspectives and Challenges, in “Science China Information Sciences”, vol. 57, 2014, n. 5
F. Varese (2010), What is Organized Crime?, in F. Varese (a cura di), “Organized Crime”, Routledge, 2010
K. Von Lampe (2016), Organized crime: Analyzing illegal activities, criminal structures, and extra-legal governance, SAGE Publications, 2016
D.S. Wall (2015), Dis-organised Crime: Towards a Distributed Model of the Organization of Cybercrime, in “The European Review of Organised Crime”, vol. 2, 2015, n. 2
D.S. Wall (2007), The Transformation of Crime in the Information Age, Polity Press, 2007
C. Whelan, D. Bright, J. Martin (2023) Reconceptualising organised (cyber)crime: the case of ransom-ware, in “Journal of Criminology”, vol. 56, 2023, n. 4
M. Yip, N. Shadbolt, C. Webber (2013), Why forums?: An Empirical Analysis into the Facilitating Factors of Carding Forums, in “Proceedings of the 5th Annual ACM Web Science Conference”, 2013
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Rivista italiana di informatica e diritto
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
rivistariidATigsg.cnr.it