A Chief Information Security Officer (CISO) wants to explicitly raise awareness about the increase of ransomware-as-a-service in a report to the management team. Which of the following best describes the threat actor in the CISO's report?


A. Insider threat
B. Hacktivist
C. Nation-state
D. Organized crime