EU Serious and Organised Crime Threat Assessment warns that organised crime is fundamentally changing, making it more entrenched and more destabilising than ever before. Here’s what risk managers need to know
Europe’s police service has warned businesses face unprecedented threats from cyber criminals with artificial intelligence increasing bad actors’ chances of success.
Europol has published its annual EU Serious and Organised Crime Threat Assessment 2025, which highlighted that the blueprint of organised crime is being rewritten – reshaping the tactics, tools and structures employed by criminal networks.
It shows that organised crime is fundamentally changing, making it more entrenched and more destabilising than ever before.
Europol executive director, Catherine De Bolle, commented: “The very DNA of organised crime is changing. Criminal networks have evolved into global, technology-driven criminal enterprises, exploiting digital platforms, illicit financial flows and geopolitical instability to expand their influence.
“They are more adaptable, and more dangerous than ever before. Breaking this new criminal code means dismantling the systems that allow these networks to thrive – targeting their finances, disrupting their supply chains and staying ahead of their use of technology.”
“The very DNA of organised crime is changing.”
Magnus Brunner, European Commissioner for Internal Affairs and Migration warned the continent is at a defining moment when it comes to the threats it faces.
He said: “Geopolitical instability continues to shape a totally new global landscape.
“Organised crime is exploiting this evolving landscape and proliferating exponentially. It benefits from advanced technologies, is active across multiple jurisdictions, and has strong connections beyond EU borders.”
How the risks are evolving
The EU-SOCTA report identifies the fastest-growing threats as:
- Cyber-attacks, mostly ransomware but increasingly attacks targeting critical infrastructure, governments, businesses and individuals – often with state-aligned objectives.
- Online fraud schemes, increasingly driven by AI-powered social engineering and access to vast amounts of data including stolen personal information.
De Bolle commented: “Criminal networks are increasingly intertwined with hybrid threats originating externally, encompassing a wide range of criminal activities and tactics, often executed through criminal proxies. While the financial gains remain the primary motivation for these networks, their actions also serve – directly or indirectly – the geopolitical interests of those orchestrating hybrid threats.
“Serious and organised crime is increasingly nurtured online. The online domain has become an essential, omnipresent aspect of daily life, and its role in facilitating organised crime will continue to grow.
“Emerging technologies, such as artificial intelligence, accelerate crime and provide criminal networks with entirely new capabilities”
“It serves as a powerful tool for enabling, amplifying and concealing various forms of criminal activity, while also becoming a prime target for criminal infiltration and data theft.”
She continued: “The growing intersection of cutting-edge technology and organised crime demands a proactive response to effectively address the evolving threats posed by these advancements.”
“The online space is increasingly becoming the main ecosystem for committing certain crimes, with minimal involvement in the offline world, thus transforming the digital environment into the primary theatre for criminal operations.
“Emerging technologies, such as artificial intelligence, accelerate crime and provide criminal networks with entirely new capabilities. These innovations expand the speed, scale, and sophistication of organised crime, creating an even more complex and rapidly evolving threat landscape for law enforcement.”
The report identifies three defining characteristics of today’s serious and organised crime landscape:
1. Crime is increasingly destabilising
Serious and organised crime is no longer just a threat to public safety; it impacts the very foundations of the EU’s institutions and society. The destabilising properties and effects of serious and organised crime can be seen on two fronts:
- Internally, through the laundering or reinvestment of illicit proceeds, corruption, violence and the criminal exploitation of young perpetrators;
- Externally, with criminal networks increasingly operating as proxies in the service of hybrid threat actors, a cooperation which is mutually reinforcing.
2. Crime is nurtured online
Digital infrastructures drive criminal operations – enabling illicit activities to scale up and adapt at unprecedented speed.
Nearly all forms of serious and organised crime have a digital footprint, whether as a tool, target or facilitator. From cyber fraud and ransomware to drug trafficking and money laundering, the internet has become the primary theatre for organised crime.
Criminal networks increasingly exploit digital infrastructure to conceal their activities from law enforcement, while data emerges as the new currency of power – stolen, traded and exploited by criminal actors.
3. Crime is accelerated by AI and emerging technologies
AI is fundamentally reshaping the organised crime landscape. Criminals rapidly exploit new technologies, using them both as a catalyst for crime and a driver of efficiency.
The same qualities that make AI revolutionary – accessibility, adaptability and sophistication – also make it a powerful tool for criminal networks. These technologies automate and expand criminal operations, making them more scalable and harder to detect.
How to tackle the threats
Andy Norton, european cyber risk officer at Armis warned risk managers’ strategies need to change: “Cyberwarfare is no longer perceived as rare, high profile, one-off attacks - it’s a continuous, hybrid assault designed to erode trust and destabilise nations over time.
“Europol’s latest report confirms this shift, with Russia and its proxies using AI and automation to scale cyber threats like never before. Critical infrastructure - healthcare, energy, and supply chains - isn’t just collateral damage, it’s a prime target.”
“These threats are relentless, our defences must be too”
He adds that a ‘set it and forget it’ approach to cybersecurity that relies on legacy point products and siloed security solutions is no longer adequate.
Instead, organisations must prioritise immediately gaining a comprehensive, real-time understanding of their environment and their extended attack surface.
He said: “With this insight, security teams are enabled to proactively mitigate their cyber risk exposure using AI to anticipate and counter evolving tactics before they impact their organisation. These threats are relentless, our defences must be too”.
No comments yet