Listen to this Post
In recent years, cybercriminals have become increasingly sophisticated in their tactics, blending their efforts with state-backed operations to create a new wave of cyberthreats. These “hybrid” threat actors leverage the resources of organized crime networks to further geopolitical goals, destabilizing regions like the European Union. Europol’s 2025 report sheds light on the growing collaboration between criminal networks and nation-states, emphasizing how emerging technologies, particularly artificial intelligence (AI), are being used to fuel these threats.
Cybercriminals and Nation-States: A Dangerous Alliance
Europol’s recent “2025 EU Serious and Organised Crime Threat Assessment” (EU-SOCTA) reveals the concerning rise of “hybrid threat actors”—a term for those who use criminal networks, including those involved in cybercrime, to further political goals. This collaboration is creating a new level of risk, not just for national security but for the cybersecurity landscape as a whole.
According to the report, hybrid actors—comprising both state-sponsored operatives and organized criminals—are increasingly forming “shadow alliances.” These alliances are mutually beneficial: states provide a safe haven for criminal networks in exchange for their services, allowing these criminals to operate freely without fear of prosecution. In return, these states gain deniability, outsourcing actions like cyberattacks, disinformation campaigns, and money laundering to criminals, which makes attributing such activities more difficult.
The use of criminal networks also offers hybrid actors a more cost-effective means to achieve their goals. Rather than spending vast resources on developing their own infrastructure, they can tap into existing criminal operations that already have the tools and reach they need. In the case of cyberattacks, this means utilizing criminal networks with access to cutting-edge technology, such as zero-day exploits and emerging AI tools, to enhance their operations.
The Growing Role of AI in Cybercrime
One of the most alarming developments highlighted by Europol is the rapid rise of AI technology in the hands of cybercriminals. Generative AI (GenAI) and large language models (LLMs) have lowered the barriers to entry for cybercrime, making it easier for criminals to launch sophisticated attacks. These tools allow for the automation of large-scale phishing campaigns and the creation of highly convincing fraudulent content.
The report emphasizes that the use of AI-driven tools in cybercrime is not limited to traditional forms of attack. For example, AI-powered deepfake technology is increasingly being used for a variety of malicious purposes. Cybercriminals can create hyper-realistic synthetic media to deceive victims, impersonate individuals, and even blackmail or extort targets. When combined with AI-driven voice cloning and live video manipulation, deepfakes amplify the threat, opening the door for new forms of fraud, identity theft, and disinformation.
CrowdStrike’s 2024 Global Threat Report echoes these findings, warning that AI is transforming the landscape of cybercrime, particularly in social engineering attacks. As AI continues to evolve, its role in cybercrime will likely become more pervasive, lowering the cost and increasing the scale of malicious activities.
What Undercode Says:
The increasing collaboration between nation-states and criminal organizations marks a disturbing shift in the landscape of cyber threats. By creating “shadow alliances,” these hybrid actors are able to obscure their true intentions, making it difficult for cybersecurity professionals to identify and neutralize their efforts. In effect, cybercriminals are no longer just isolated groups operating on the fringes of society—they are now tools of political interference, with the backing of powerful nation-states.
This new breed of cybercriminal is not limited to traditional tactics. The integration of AI tools into their arsenal represents a significant evolution in the scope and scale of cyberattacks. With AI, these actors can automate attacks, create realistic phishing campaigns, and even manipulate media to deceive targets. This creates a situation where businesses, governments, and individuals are increasingly vulnerable to attacks that are both sophisticated and hard to trace.
Moreover, the fact that nation-states are increasingly relying on criminals to carry out operations means that cybersecurity professionals face a double challenge. They must defend against both traditional cybercrime and the more complex, politically motivated attacks that are now emerging. The lack of clear attribution makes it harder to hold any single actor accountable, and the growing role of AI only complicates efforts to track down and disrupt these operations.
This new reality requires a shift in how we think about cybersecurity. It’s no longer just about defending against individual attackers or criminal organizations. We must consider the broader geopolitical landscape and how cyberattacks can be used as tools of warfare. As the lines between cybercrime and state-sponsored attacks continue to blur, cybersecurity strategies will need to evolve to address this new hybrid threat.
Fact Checker Results:
1.
- The role of AI in lowering the barriers to cybercrime and enabling more sophisticated attacks is backed by real-world examples, including those outlined by CrowdStrike.
- The rise of hybrid actors and shadow alliances is a key concern in modern cybersecurity, highlighting the need for new defensive strategies.
References:
Reported By: https://www.darkreading.com/cyber-risk/cybercriminals-taking-advantage-ai-shadow-alliances
Extra Source Hub:
https://www.medium.com
Wikipedia
Undercode AI
Image Source:
Pexels
Undercode AI DI v2
