Europol published the sixth edition of its annual presentation of the cybercrime threat landscape - Internet Organised Crime Threat Assessment (IOCTA) 2019. According to the report, data remains the key element for all cybercrime. Ransomware is the most widespread and financially damaging form of cyber-attack in 2019. Distributed-Denial-of-Service (DDoS) attacks were identified as another significant threat, being one of the most prominent threats to be reported to Europol. The amount of Child Sexual Exploitation Material (CSEM) detected online continues to increase, and self-generated explicit material (SGEM) is more and more common. Payment fraud is dominated by card-not-present fraud, which criminals usually carry out through data gathered from data security breaches and social engineering. The dark web remains the key online enabler for trade in an extensive range of criminal products and services. There is a convergence of cyber and terrorism, and disruption efforts are challenged by a large number of online service providers exploited by terrorist groups. Social engineering and phishing remains the most important cross-cutting cyber threat faced by investigators and private sector in Europe.