Home
 / 
News
 / 
“Violence-as-a-Service” Emerges as a Growing Business Risk

Latest News & Updates

Featured
August 29, 2025
 / 
Articles
 / 
Threat Analysis
“Violence-as-a-Service” Emerges as a Growing Business Risk
August 19, 2025
 / 
Articles
 / 
Mgmt Strategy
Tips, Tricks, and ‘Smartest Thing I Ever Did’ – Part 2 of our CSO Focus Group
August 12, 2025
 / 
Updates
 / 
Cash
Ligue Cash Chapter Calls for Holistic Approach as European Financial System Undergoes Modernization
August 6, 2025
 / 
Articles
 / 
Mgmt Strategy
CSO Focus Group Shares Novel Approaches to Solve 10 Common Challenges
July 10, 2025
 / 
Articles
 / 
ROI
How Strong is the Link Between Financial Performance and Security?
June 19, 2025
 / 
Updates
 / 
Regulation
Innovating with Integrity: International Security Ligue Unveils Global Guidelines on Responsible AI Use in Security
Enhanced Good Practice
Backgrounder
Case Study
Updates
Briefs
Articles
August 29, 2025
 / 
Articles
 / 
Threat Analysis

Key Points

  • Violence-as-a-Service is an emerging threat involving a process of instigators, recruiters, enablers, and often under-the-radar youth perpetrators.
  • Private businesses face direct VaaS threats such as extortion-driven “physical demonstrations,” swatting raids, arson, and targeted vandalism, resulting in millions in lost revenue, property damage, and reputational harm.
  • Current countermeasures center on coordination between national police agencies and on digital platforms used to recruit perpetrators and should increasingly include formalized intelligence-sharing with the private sector, and investment in public awareness and prevention programs.

The disturbing rise in Violence-as-a-Service (VaaS)—outsourcing violent acts to criminal “service providers”—is complicated by increasing recruitment of young people with no criminal record, according to a new warning in August by Operational Taskforce GRIMM, a multinational law enforcement initiative launched in April 2025 to combat it.

“Young people are being deliberately targeted and recruited to commit a wide range of crimes, from drug trafficking and cyberattacks to online fraud and violent extortion,” according to the taskforce, an initiative of the Swedish Police and joined by eight other nations with coordination by Europol’s European Serious and Organized Crime Centre.  OTF GRIMM works to identify and dismantle VaaS networks and disrupt recruitment pipelines that often target minors via social media, gaming platforms, and encrypted messaging.

How does VaaS work? From its initial investigative work, the taskforce says it has identified the typical players and process, with each step involving different actors who may operate from different countries:

• Instigator – Orders and funds the crime (often abroad).

• Recruiter – Targets potential perpetrators online.

• Enabler – Provides logistics, tools, and payment channels.

• Perpetrator – Commits the act, often a minor with no prior criminal ties, chosen precisely because of their perceived invisibility to law enforcement

“The separation of these roles means criminals can operate like an outsourced service: instigators pay, recruiters source manpower, facilitators prepare the ground, and perpetrators take the risk,” according to the taskforce announcement.

This fragmented chain makes it harder to trace back to the masterminds, while making it easier to manipulate young people. — OTF GRIMM

Should Businesses Be Concerned?

While always troubling for society generally, some VaaS activity doesn’t directly impact private businesses. For example, German and Dutch law enforcement made dozens of arrests in a VaaS case resulting from an illegal drug trade disagreement drug in Cologne, in which the wronged party hired Dutch criminals to carry out violent retaliatory attacks in Germany. Some VaaS activity, however, poses a direct and significant threat to business operations.

In late 2024, a mid-sized Chicago restaurant chain was repeatedly hit by extortion demands, with extortionists posting ads on darknet VaaS boards offering “physical demonstrations” if the restaurants didn’t pay a $15,000 fee per location. Two locations reported smashed windows and threats scrawled on walls (“We know where you live”), forcing overnight closures and heightened security, resulting in lost revenues and emergency board-up costs that exceeded $60,000. Ultimately, the FBI traced the ads back to a criminal cell in Eastern Europe.

Another victim was a convenience market in Washington State (USA), targeted in a VaaS “swatting” call. An attacker—hired via a Russian-language Telegram channel—called police to report an armed hostage situation, which caused police SWAT teams to descend on the store. As a result of VaaS attack: the store was evacuated, and shelves were trashed in the police search; the shop lost four days of sales worth roughly $25,000; employees required trauma counseling afterward, and the shop required $8,000 in repairs.

Additional Examples

  • A 22 year old man, Patrick McGovern Allen, was convicted for targeting a New Jersey auto repair business, carrying out fire bombings and shootings on behalf of paying clients. Tactics: Arson of a garage bay and destruction of vehicles after being hired via an online VaaS marketplace. Impact: Over $120,000 in equipment losses, tripled insurance premiums, and months of disrupted operations while repairs were made.
  • Hundreds of violent incidents and targeted threats have been documented against U.S. McDonald’s restaurant locations, many mirroring VaaS style “contract harm” models. Tactics: Late night armed robberies, assaults over minor disputes, and coordinated vandalism. Impact: Worker injuries, repeated closures and hour-reductions, and reputational damage.
  • Investigators of a high-profile 2023 cyberattack on MGM Resorts International, which crippled its booking systems, found that some of the same perpetrators were tied to VaaS style harassment networks. Tactics used: Coordinated intimidation of staff, including in person harassment and threats, to pressure compliance during the broader attack campaign.

Fighting Back

To strike back at existing VaaS networks and make the environment less hospitable for recruitment, OTF GRIMM is working to partner with platforms to detect and block recruitment content, as well as dismantling service providers enabling violence‑on‑demand.

It’s critical to curb recruitment because “there seems to be a ready supply of individuals willing to be recruited to commit violent acts,” according to a March 2025, Europol report (The changing DNA of serious and organised crime, 2025 European Union Serious and Organized Crime Threat Assessment (EU-SOCTA)).

VaaS also reinforces the need for security solutions that bridge national borders. “The EU is and will continue to be deeply interconnected with the global criminal landscape, with illicit goods and services flowing in, out, and through its external borders,” according to the EU-SOCTA report.

Missing pieces?

Real‑time coordination between national police forces is a primary objective of OTF GRIMM’s campaign against VaaS, and it’s important for that request for collaboration to extend to private sector security providers to facilitate incident reporting, improve threat awareness and enhance the sharing of intelligence. VaaS is both a criminal and economic resilience issue, requiring formal channels for companies to share threat intelligence without breaching privacy laws.

The threat is also sufficient to require some investment by government officials, both in the form of public awareness campaigns and funding prevention programs modelled after effective domestic violence and gang intervention frameworks.

ROI
Cyber
Regulation
Critical Infrastructure
Threat Analysis
Crime Prevention
Supply Chain
Market Insghts
Staffing
Mgmt Strategy
PPP
Public Spaces
Contracting
Cash