Cyber crime in Scotland: evidence review

A review of the evidence around the scale and nature of cyber crime affecting individuals and businesses in Scotland.

1. Introduction


This review looks at existing evidence to understand how cyber-technology has impacted on crime in Scotland. A number of recent strategies have highlighted the challenges presented by cyber-crime and focus on improving the way in which we prevent and respond to cyber threats:

  • Justice Vision and Priorities identified the challenges facing the justice sector over the next ten years. One of these challenges was emerging crime and threats such as cyber-crime.
  • Policing 2026 sets out the current strategic policing priorities and objectives. One of the main priorities is to scale and change Police Scotland's cyber capability to respond to emerging cyber related crimes.
  • The Scottish Government's Serious Organised Crime Strategy (2015) recognises that the nature of serious organised crime has changed due to the substantial increases in cyber-crime. Two of the Strategy's themes, relating to diverting and deterring people from being involved in serious and organised crime, aim to ensure that individuals are aware of cyber threats and are able to safely use the internet and social media, and that businesses are able to protect themselves from cyber threats, insider threats and fraud.
  • "Safe, Secure and Prosperous: A Cyber Resilience Strategy for Scotland (2015)" sets out a vision for Scotland to become a world leading nation in cyber resilience by 2020.

To support this strong focus on preventing and tackling cyber-crime, we need a sound evidence base underpinning our actions in this area. There is currently a range of analytical work being carried out across different organisations.

The full range of work currently on-going comprises:

  • This Scottish Government review of cyber-crime and its impacts on Scotland, exploring existing evidence and literature (including the Scottish Crime and Justice Survey and official crime statistics).
  • Police Scotland Cyber Capability Review to ensure Police Scotland has a strategic understanding of the cyber-crime threat, and ensure that policing at all levels is equipped to investigate and respond to cyber-crime and exploit digital and technological developments. This is a long term piece of work.
  • Scottish Institute of Policing Research ( SIPR) qualitative research which looks at policing practices from six different countries around the world. This is due to be completed in Spring 2018.
  • HMICS Thematic Inspection of Police Scotland response to Cyber-crime – scheduled to be carried out in 2018-19.

This cross organisational analytical work is reflective of the scale and complexity of the challenge of cyber-crime. It needs a collective effort across organisations and sectors in order to develop a shared understanding. Taken together this work will begin to build a better understanding of the nature and scale of cyber-crime and how the risks, challenges and impacts of cyber-crime may differ from those associated with "traditional" crime (including whether there is now more crime in Scotland and/or whether the nature of crime committed has changed with the rise of the internet).

Aims of this evidence review

The Scottish Government's contribution to this initial building of the evidence is to understand what impact cyber-technology has had on crime in Scotland. It looks at how cyber-crime is currently measured, what information we have and where measurement gaps are evident. This review does this by synthesising and condensing existing evidence around:

  • The nature and extent of cyber-crime;
  • Who are the victims of different types of cyber-crime;
  • What harm is experienced by victims of different types of cyber-crime and the impact this has;
  • Future plans for collecting evidence on different types of cyber-crime; and
  • What we know about cyber-crime offenders.

This will then allow us to start developing options to improve the measurement and reporting of cyber-crime.

Structure of this evidence review

This evidence review is split into two main sections:

1. Cyber-crime as it impacts on individuals; and

2. Cyber-crime as it impacts on businesses.

This structure reflects the different kinds of risks and potential impacts faced by these two categories of victims. Within each, the review provides some background and contextual information before moving to consider the available evidence on the nature and extent of cyber-crime. For ease, this is organised by recording crime groupings. Whilst six crime groupings are discussed in relation to individuals, for businesses the review focuses on two. This is partly due to the available evidence and the fact that some crime groups aren't applicable to businesses e.g. sexual crimes.

Recorded crime groupings

To understand how cyber-technology has impacted on crime in Scotland, this paper uses the crime groupings that are used to categorise police recorded crime statistics. This approach helps to contextualise evidence on the extent of cyber-crime within broader trends in categories of recorded crime, and also aids understanding of how cyber-crime is influencing crime, i.e. whether cyber-crime is replacing or adding to 'traditional crime'. The table below sets out the crime groups along with a brief summary of the crime types that we consider could involve a cyber-element, and whether they affect individuals or businesses.

Types of cyber-crime by recorded crime groupings

Crime Group

Crime types affecting individuals

Crime types affecting businesses

1 – Non-sexual crimes of violence

  • Serious assault
  • Threats & Extortion (although most cyber-related threats are expected to be in Group 6)

2 – Sexual crimes

  • Sexual offending – including child sexual exploitation and indecent communications

3 – Crimes of dishonesty

  • Fraud
  • Identity theft
  • Fraud

4 – Fire-raising, vandalism etc.

  • Computer misuse
  • Computer misuse

5 – Other crimes

  • Drug offences ( e.g. trading of illicit substances online)
  • Contempt of court
  • Intellectual property theft / copyright offences

6 – Miscellaneous offences

  • Threatening communications & threatening and abusive behaviour
  • Stalking
  • Harassment

As can be seen, the risks faced by individual victims in particular appear to be dispersed across the range of crime groups highlighting that cyber-crime captures an array of various offences and experiences, which may have differing kinds of impacts and affect different groups of victims.

What is cyber-crime?

Defining cyber-crime is complex and contentious and there is not an agreed upon definition [12] . To fully understand the impact of cyber technology on crime in Scotland, it is important for us to set out what we mean by cyber-crime and the activities that fall under this umbrella term.

The main debate around whether criminal activity can be defined as cyber-crime centres around the extent to which cyber technology needs to be involved. Some argue that cyber-crime is only the distinct set of activities which are committed by using a computer, computer networks or other forms of ICT ( e.g. spread of viruses, hacking etc.). Others consider cyber-crime as more of a continuum, with even the most minor involvement of the internet in more traditional crime types being considered cyber-crime ( e.g. using the internet to research how to commit or cover up a violent crime).

As we are looking for this review and further analytical work to consider the impact that cyber-technology has had on crime in Scotland, it makes most sense to adopt a definition that considers criminal activity as cyber-crime if cyber-technology was in any way involved, regardless of the extent of involvement. In effect then, almost any crime has the potential to be cyber-crime. Therefore, this definition does not necessarily consider cyber-crime as a separate category of crime. Instead, cyber-crime is defined by the method or locus of the crime.

This is in line with the way in which Police Scotland conceptualise cyber-crime; they work with a continuum. This starts with traditional crimes conducted with a cyber-element and continues through to cyber-enabled crimes, i.e. those crimes that are increased in their scale or reach by the use of computers, computer networks or other ICT, and then moves into completely cyber-dependent crimes. The Home Office also draw this distinction between cyber-enabled and cyber-dependent crimes but do not include crimes which have a lesser involvement of cyber technology.


Back to top