The “Access-as-a-Service” is a growing market, mainly comprised of companies or individuals that offer offensive cyber capabilities: the so-called hackers-for-hire. Their clients are usually governments (but also corporations and individuals), and the service categories they offer are usually bundled as a single service: Vulnerability Research and Exploitation, Malware Payload Development, Technical Command and Control, Operational Management, and Training and Support.

The CTI community maintains a crowdsourced (and ever-growing) list of publicly known private companies mostly involved in nation-state offensive cyber operations. On 23 May 2022, Interpol’s Secretary-General stated that he is concerned that state-developed cyberweapons will become available on the darknet in a couple of years. This was almost done by the Shadow Brokers back in 2016 when they were selling alleged NSA tools for cryptocurrency.

Within the darknet and underground marketplaces, it is relatively easy for cybercriminals with the interest and the budget to buy advanced cyber tools and increase their cyber capabilities. In 2022 the trend of the rising number of hacker-for-hire threat actors remains valid.

The tools of the Access-as-a-Service companies are increasingly targeting dissidents, human rights activists, journalists, civil society advocates, and other private citizens. While the usage of spyware surveillance technologies may be legal under national or international laws, it was observed that governments often abuse these technologies for purposes not aligned with democratic values.

Big tech companies work towards protecting their customers and defending against spyware activities regardless of who is behind these attacks or who the targets might be. Moreover, big tech companies have shared their findings with security researchers and policymakers. Conversely, the means of investigating mobile phone compromises for defenders are still limited and need to be further improved.

According to the European Union Agency for Cybersecurity, threat actors (mostly nation-states) will very likely continue buying such services and outsourcing cyber operations as the list of Access-as-a-Service companies grows. This outsourcing will certainly make the threat landscape more complex and will very likely contribute to increased cyber espionage and surveillance activity. Thus, we need to consider the implications related to the attribution of such cyber activities, the rapid development and enablement of cyber capabilities, and the abuse of such capabilities for targeting journalists, activists, and civil society.


If this information is helpful to you read our blog for more interesting and useful content, tips, and guidelines on similar topics. Contact the team of COMPUTER 2000 Bulgaria now if you have a specific question. Our specialists will be assisting you with your query. 

Content curated by the team of COMPUTER 2000 based on official publications by the European Union Agency for Cybersecurity, including the Threat Landscape report for 2022. The full text of the report can be found here.

Follow us to learn more


Let’s walk through the journey of digital transformation together.

By clicking on the SEND button you agree to the processing of personal data. In accordance with our Privacy Policy

15 + 4 =