Crime, conflict and terror are evolving, crossing borders and bypassing traditional cyber defenses. Technology advancements in the hands of bad actors are driving this shift, and it’s reshaping our understanding of how these threats operate, scale and adapt.
Measured in economic terms, the impact of crime has reached a staggering $19.1 trillion – that’s 13.5% of global GDP. The dangerous conflicts fueled amid the blurred lines between criminal and terror enterprises are illustrated in recent headlines. In Syria, we’ve learned how the Captagon drug trade played a major role in funding Bashar Assad’s power apparatus, netting as much as $10 billion annually. A recent investigation into international drug trafficking and money laundering in Italy exposed shadow banking systems operated by Chinese nationals and utilized by criminal networks spanning from Albania to Latin America.
New research data demonstrates how the boundaries are increasingly blurring between traditional types of threat actors – nation-state sponsored attackers, cybercriminals and hacktivists. Among the examples, several hacktivist groups ventured into cybercrime in 2024, launching their own ransomware and ransomware-as-a-service (RaaS) operations. Nation-state actors showed increased cooperation with ransomware gangs.
These blurring lines are creating new challenges for agencies and investigators from federal to state to local levels. The inner workings of local and regional criminal networks can potentially reveal profound implications for homeland security, even international conflict – provided we can identify how, when, where and why the crimes intersect.
Blurring Skillsets, Stubborn Silos
This proliferation of crimes across boundaries and borders requires a new way of thinking about investigators, from their skillsets to the technology assets they bring to bear from field to back office. In a perfect world, these investigators wouldn’t be asked to stretch their domain expertise well beyond their specializations. Yet this is often the case today when we ask, for example, a drug crime specialist to quickly grasp the intricacies of cyber and/or financial crimes.
In a perfect world, investigators would employ a streamlined, end-to-end pipeline of investigative data from sensor (tactical intelligence/lawful interception) to analysis at the centralized data hub. But this capability is elusive for some.
In the data hub itself, investigative data is too often confined to silos that defy cohesion and frustrate investigative collaboration. But collaborative efforts are essential to effectively countering today’s multifaceted threats. In confronting the evolving landscape of crime, conflict and terrorism, it is imperative to transcend traditional boundaries – between investigative organizations, disciplines and technology resources.
Unfettered Criminal Capability
Ironically, the common criminal isn’t burdened with silos and boundaries. Elaborate crimes can be orchestrated utilizing apps on a smartphone. The smartphone unifies sensor and data hub all in one, with a handy AI assistant to organize everything – and it conveniently fits in the criminal’s pocket.
You no longer need to be a nation-state to commit crimes or project power across borders. A phone or laptop with an internet connection affords criminals unfettered access to the dark web and beyond. Threat actors exploit this advantage, moving faster, collaborating more fluidly, and erasing old lines between crime, terror and warfare.
Encrypted messaging apps are now commonplace, allowing criminal coordination across borders without detection. Telegram, Signal and even gaming chat platforms have been used by terror groups like ISIS and criminal cartels to organize operations and recruit members. Law enforcement is often “blind” to these interactions, making prevention and intervention extremely difficult.
Likewise, cryptocurrencies are commonly employed for untraceable financing, bypassing traditional financial controls. Hamas, ISIS and North Korea’s Lazarus Group have all used crypto wallets to raise or launder money. The Lazarus Group, for instance, allegedly stole over $600 million in crypto from a gaming platform. Crimes like this underscore how traditional banking governance, enforced through sanctions and Financial Action Task Force (FATF) rules, is becoming easier to sidestep.
Technologies like these allow illicit networks to operate at global scale, instantly. For a ready example, look no further than the numerous RaaS platforms available on the dark web that let even low-skilled actors deploy powerful malware. Groups like REvil sell or lease malware kits, creating a cybercrime “franchise” model. The resulting disruptions could be massive: a single threat actor could affect hospitals in the U.S., power grids in Europe and banks in Asia – simultaneously.
Among investigators, these threats require multifaceted intelligence capabilities to address. The criminal isn’t siloed, but the investigators are. To address the root problem, investigators need to see and understand diverse data through a centralized lens. Only then can they see the same view the criminal sees.
The Way Forward
The technological ease of modern criminality makes it appear more daunting to overcome than it is. Investigators and analysts are simply overwhelmed with siloed data to sift and correlate, pulling from open source, CCTV/surveillance, criminal records and other disparate data streams. If investigators could only make sense of this data deluge, the puzzle pieces would fit into place. In other words, they might already have all the data they need to solve the case, and they don’t even know it.
Decision intelligence platforms empower investigators and analysts to accelerate data-driven decision-making by automatically fusing and analyzing diverse data sources, structured and unstructured. This approach democratizes the power of AI and machine learning, enabling users to gain previously unattainable insights. By providing a unified view of complex data, this approach enhances collaboration across agencies and jurisdictions, allowing for more effective responses to transnational threats.
Blockchain analytics technologies can likewise assist law enforcement agencies in combating illicit cryptocurrency activities, including cybercrime, organized crime, trafficking and money laundering. By de-anonymizing hidden transactions within financial investigations, this approach enables investigators to safeguard the integrity of digital financial ecosystems and bring criminals to justice.
By leveraging these advanced technologies, agencies can break down silos, share critical information, and develop comprehensive strategies to address the blurred boundaries of modern threats. Investigators can be empowered with AI tools that close knowledge gaps, enabling specialists to stay focused on their specialties instead of getting stretched thin grappling with new disciplines on the fly.
Embracing these solutions, from sensor to datacenter, fosters a unified, collaborative approach to crime fighting, ensuring that collective efforts are greater than the sum of individual actions in safeguarding global security from increasingly versatile threat actors.
