{"id":"https://openalex.org/W7148377081","doi":"https://doi.org/10.48550/arxiv.2604.00063","title":"Cybercrime as a Service: A Scoping Review","display_name":"Cybercrime as a Service: A Scoping Review","publication_year":2026,"publication_date":"2026-03-31","ids":{"openalex":"https://openalex.org/W7148377081","doi":"https://doi.org/10.48550/arxiv.2604.00063"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2604.00063","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.00063","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2604.00063","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5124582382","display_name":"Ema Mauko","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Mauko, Ema","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5085424492","display_name":"Shane D. Johnson","orcid":"https://orcid.org/0000-0002-0184-9896"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Johnson, Shane D","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5052775075","display_name":"Enrico Mariconti","orcid":"https://orcid.org/0000-0003-3005-8214"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Mariconti, Enrico","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5124582382"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.7231000065803528,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.7231000065803528,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.08950000256299973,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11838","display_name":"Crime, Illicit Activities, and Governance","score":0.0203000009059906,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cybercrime","display_name":"Cybercrime","score":0.9692000150680542},{"id":"https://openalex.org/keywords/sophistication","display_name":"Sophistication","score":0.736299991607666},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.621399998664856},{"id":"https://openalex.org/keywords/resilience","display_name":"Resilience (materials science)","score":0.5600000023841858},{"id":"https://openalex.org/keywords/service-provider","display_name":"Service provider","score":0.5322999954223633},{"id":"https://openalex.org/keywords/service","display_name":"Service (business)","score":0.5317000150680542},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.5241000056266785},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.3109000027179718}],"concepts":[{"id":"https://openalex.org/C2779390178","wikidata":"https://www.wikidata.org/wiki/Q29137","display_name":"Cybercrime","level":3,"score":0.9692000150680542},{"id":"https://openalex.org/C168725872","wikidata":"https://www.wikidata.org/wiki/Q991663","display_name":"Sophistication","level":2,"score":0.736299991607666},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.621399998664856},{"id":"https://openalex.org/C2779585090","wikidata":"https://www.wikidata.org/wiki/Q3457762","display_name":"Resilience (materials science)","level":2,"score":0.5600000023841858},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5415999889373779},{"id":"https://openalex.org/C116537","wikidata":"https://www.wikidata.org/wiki/Q2169973","display_name":"Service provider","level":3,"score":0.5322999954223633},{"id":"https://openalex.org/C2780378061","wikidata":"https://www.wikidata.org/wiki/Q25351891","display_name":"Service (business)","level":2,"score":0.5317000150680542},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.5241000056266785},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.5160999894142151},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.4309000074863434},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.3109000027179718},{"id":"https://openalex.org/C39549134","wikidata":"https://www.wikidata.org/wiki/Q133080","display_name":"Public relations","level":1,"score":0.3059999942779541},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data breach","level":2,"score":0.3043000102043152},{"id":"https://openalex.org/C68595000","wikidata":"https://www.wikidata.org/wiki/Q2274177","display_name":"Service delivery framework","level":3,"score":0.3037000000476837},{"id":"https://openalex.org/C83860907","wikidata":"https://www.wikidata.org/wiki/Q135005","display_name":"Phishing","level":3,"score":0.30250000953674316},{"id":"https://openalex.org/C121017731","wikidata":"https://www.wikidata.org/wiki/Q11661","display_name":"Information technology","level":2,"score":0.29030001163482666},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.2874000072479248},{"id":"https://openalex.org/C3018725008","wikidata":"https://www.wikidata.org/wiki/Q4071928","display_name":"Cyber threats","level":2,"score":0.2874000072479248},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.2858000099658966},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.2720000147819519},{"id":"https://openalex.org/C2989129637","wikidata":"https://www.wikidata.org/wiki/Q29137","display_name":"Cyber crime","level":3,"score":0.26100000739097595}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2604.00063","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.00063","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2604.00063","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.00063","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Cloud":[0],"computing":[1],"has":[2,22],"drastically":[3],"altered":[4],"the":[5,27,76,81,84,91,113,117,120,122,130,140,145,150,156,162,177,181],"ways":[6],"in":[7,16,26,67,129,171,206],"which":[8,64,168,199],"it":[9],"is":[10,34,125],"possible":[11],"to":[12,51,87,90,127,149],"deliver":[13],"information":[14],"technologies":[15],"a":[17,32,39,44,56,109],"service-led":[18],"structure,":[19],"however,":[20],"this":[21,94],"also":[23],"been":[24],"reflected":[25],"cybercrime":[28,151],"domain.":[29],"Cybercrime":[30],"as":[31,47,180,188,197],"Service":[33],"an":[35,48],"economic":[36],"model":[37,124,141,182],"where":[38],"technically":[40],"skilled":[41],"actor":[42],"offers":[43],"given":[45],"cyberattack":[46],"end-to-end":[49],"service":[50,163],"non-technical":[52],"actors":[53,193],"who":[54],"pay":[55],"subscription":[57],"fee":[58],"for":[59,203],"said":[60],"service.":[61],"The":[62],"services,":[63],"can":[65],"vary":[66],"scope,":[68],"targets,":[69],"and":[70,83,105,158,165,209],"delivery":[71,79],"modes,":[72],"include":[73],"everything":[74],"from":[75,102],"vulnerability":[77],"discoveries,":[78],"of":[80,111,139,147,155,161,174],"attack,":[82],"attack":[85],"itself":[86],"financial":[88],"rewards":[89],"subscriber.":[92],"In":[93],"scoping":[95],"literature":[96,107],"review,":[97],"we":[98],"analysed":[99],"195":[100],"articles":[101,115],"both":[103,207],"academic":[104],"grey":[106],"with":[108,136],"view":[110],"investigating":[112],"services":[114,175],"studied,":[116],"methodological":[118],"approach":[119],"how":[121],"CaaS":[123],"predicted":[126],"develop":[128],"future.":[131],"Our":[132],"review":[133],"indicates":[134],"that":[135],"further":[137,143],"commercialisation":[138],"will":[142,169],"lower":[144],"barrier":[146],"entry":[148],"realm,":[152],"increase":[153,159],"sophistication":[154],"attacks":[157],"resilience":[160],"providers":[164],"their":[166],"ecosystem":[167],"result":[170],"harder":[172],"shutdowns":[173],"by":[176],"authorities.":[178],"Furthermore,":[179],"becomes":[183],"more":[184],"accessible,":[185],"groups":[186],"such":[187],"organised":[189],"crime":[190],"groups,":[191],"extremist":[192],"may":[194,200],"use":[195],"them":[196],"well,":[198],"have":[201],"implications":[202],"criminal":[204],"activity":[205],"cyber":[208],"physical":[210],"domains.":[211]},"counts_by_year":[],"updated_date":"2026-05-05T08:41:31.759640","created_date":"2026-04-03T00:00:00"}