Europol offers law enforcement agencies data on Europe’s most threatening crime networks

Europol has collected and analysed data from over 40 countries to identify 800 most threatening criminal networks operating in Europe in what it describes as a unique dataset for law enforcemnt

The European policy agency, Europol, is to offer law enforcement agencies access to a "unique dataset" about the operations of the most threatening organised crime groups in Europe.

The agency has drawn on data from its own records, 27 EU member states, and 17 other countries to identify how the most dangerous criminal networks are organised, the activities they engage in, and where they operate.

The analysis draws on huge quantities of data seized by police from hacking operations against encrypted phone networks used by organised crime, included EncroChat, Sky ECC, and Exclu, in addition to data collected by national police forces.

Europol’s executive director Catherine De Bolle said at a press conference that Europol had undertaken the most extensive study on criminal networks.

“This data, now centralised at Europol, will give law enforcement agencies the edge they need to better target and conduct cross-border criminal investigations,” she said.

A analysis of the data collected by Europol has identified over 800 high-risk criminal networks and 250,000 individuals involved in drug trafficking, migrant smuggling, property crime and money laundering.

The criminal groups identified use legitimate businesses to hide their activities and to launder money from criminal activities. Their networks operate across international borders and include people from multiple countries. They tend to specialise in one main criminal activity, with half involved in drug smuggling. Some 70% use violence and intimidation as part of their operations.

Cyber attacks

The most threatening crime groups identified include nine specialising in cyber attacks. The groups, largely run by Russian and Ukrainian criminals, are active in France, Germany, Switzerland and the US.

These groups have up to 100 members but feature a small core of criminals which make ransomware available to affiliates to carry out cyber attacks. The core group manages negotiations and ransom payments often in cryptocurrency and typically pays affiliates 80% of the fee for conducting the attack.

Cyber service and technology solution providers offer critical support to criminal networks involved in fraud schemes. They include mass mailing and phishing campaigns, creating fake websites, advertisements and social media accounts. They also support online fraud schemes and advise on cryptocurrency movements, according to Europol.

Some criminal networks use countermeasures, such as encrypted telephones, to avoid detection by law enforcement. Others avoid communication on electronic devices and hold face-to-face meetings to leave no digital trace of their activities. 

The use of artificial intelligence may further facilitate criminals’ use of countermeasures in the future, Europol says in a report Decoding the EU’s most threatening criminal networks published on 5 April 2024.

The main nationalities involved in major crime networks are from  Albania, Belgium, France, Germany, Italy, the Netherlands, Poland, Spain, Turkey and Ukraine, with most criminal networks made up of a combination of EU and non-EU nationals.

The data reveals how criminals use bribery, together with the donation of gifts and other benefits in kind such as holidays, meals, or other services, to facilitate crime. The exploitation of family, loyalty and friendship is also common.

According to Europol, the data collected by the agency is a “pivotal asset” that  will assist national law enforcement authorities to better target and conduct their cross-border criminal investigations.

“The data collection has a unique importance as an intelligence-led assessment of how the most threatening criminal networks are organised,” it said.

Read more on Hackers and cybercrime prevention

Data Center
Data Management