Cyber crime in Scotland: evidence review

A review of the evidence around the scale and nature of cyber crime affecting individuals and businesses in Scotland.

5. Conclusions and next steps


This review has drawn attention to the increase in the number of people in Scotland using the internet and the potential for criminals to exploit this growth, under the banner of cyber-crime. There is a lack of clarity and consistency in the terminology used around cyber-crime, and moving forward it may be helpful to start to shift the focus towards cyber-crime being seen as the method or locus of a crime, rather than a distinct type or group.

Whilst this review has found that incidents of cyber-crime tend be concentrated around sexual crimes, fraud and computer misuse, a number of different types of crime can and likely do involve the use of the internet and cyber technologies either as a precursor to a crime or in the committing of a crime itself.

The review has highlighted four key ways in which cyber technology is influencing crime:

1. Cyber-crime is forming a large proportion of certain crime types. For example evidence from the CSEW for the year ending Sept. 2017 estimates that over half (56%) of fraud incidents (which is one of the most numerous crimes) were cyber-crimes. This amounts to 1.8 million incidents during this time period.

2. The internet and cyber technologies are changing the volume of certain crime types. This is perhaps most evident amongst sexual crimes. Detailed evidence shows that both the number and proportion of police recorded 'other sexual crimes' in Scotland which were cyber-enabled increased. Consequently such incidents contributed to the growth in all 'other sexual crimes' and sexual crimes as a whole recorded by the police.

3. The internet and cyber technologies are changing the nature and victimisation of certain crimes. The police recorded 'other sexual crimes' research found that when the specific crimes of 'communicating indecently' and 'cause to view sexual activity or images' were cyber-enabled the age and relationship profile of victims and offenders changed. When incidents were cyber-enabled, both tended to be younger with median ages of 14 and 18 respectively, and victims and offenders were more likely to know of one another.

4. Cyber-technologies have given rise to the introduction of an entirely new and high volume category of crime – computer misuse. Without the internet, these crimes (including computer viruses, hacking etc.) would not be possible. Evidence from the CSEW for the year ending Sept. 2017 shows there were 1.5 million incidents of computer misuse, making it one of the numerous crimes.

However, were are operating in a complex landscape. The review has drawn attention to the challenges faced by authorities to investigate and take action against online risks. These include inconsistent terminology and the spectrum of possible internet involvement in crimes. Such situations also challenge the capability of research and statistics to accurately capture the scale, nature and impact of cyber-crime.

This review has also identified gaps in our knowledge. We still need to know more about cyber-crime in Scotland, such as the prevalence of different types of cyber-crime, the extent of underreporting, the cost and the harm of cyber-crime. Furthermore little evidence is available which allows for the comparison between cyber and non-cyber incidents of the same crime, meaning that it is difficult to ascertain how such crimes differ. This review has also drawn attention to gaps around cyber-crime offenders, in particular the extent to which different kinds of individuals and groups account for cyber-crime offences in Scotland.

Throughout, this review has found evidence that cyber-crime is underreported to the police and other authorities. Figures from the victimisation surveys are consistently higher than in police data, most notably for instances of fraud, computer misuse, abusive/threatening behaviour and stalking and harassment. Suggesting these occurrences are often not being reported to the police. Where apparent, the review has highlighted the possible links between underreporting and the perceived low severity of impacts resulting from many incidents, especially in relation to fraud and computer misuse. Underreporting may be inhibiting the ability of the police to take action and to assign resources accordingly.

Next steps

This review signifies an important first step in collating and assessing existing available evidence on cyber-crime in Scotland. In addition to this review, a number of analytical workstreams are underway across numerous organisations, including:

  • Police Scotland Cyber Capability Review- a long term piece of work to ensure Police Scotland has a strategic understanding of the cyber-crime threat, and ensure policing is equipped to investigate and respond.
  • Scottish Institute of Policing Research ( SIPR) qualitative research which looks at policing practices from six different countries around the world. This is due to be completed in Spring 2018.
  • HMICS Thematic Inspection of Police Scotland response to Cyber-crime – scheduled to be carried out in 2018-19.

Furthermore, as this review has alluded to, there are some encouraging signs by way of emerging evidence sources in Scotland. Principal developments include:

  • Police Scotland introduced a cyber-marker to their crime recording systems in April 2016. Police Scotland are currently considering how to enhance how crimes with a cyber-element are marked. Identifying a solution requires challenging the definitions and perceptions of "cyber-crime" and acknowledging the limitation of current legacy systems. Therefore improvement will be incremental as definitions and systems develop.
  • The SCJS has the potential to capture crimes that aren't reported to or recorded by the police. Whilst the SCJS does currently include a limited number of questions which provide insight on the extent to which the internet and cyber technology was involved in certain incidents, a more comprehensive module on cyber-crime/online behaviour questions will be included in the SCJS questionnaire from 2018/19. A 'cyber flag' question will also be added to the SCJS victim form, allowing us to see the proportion of more traditional crimes which involve the use of the internet. The first findings will be available in late 2019/early 2020 and whilst the data will not be included in the main SCJS incident or prevalence estimates, they represent an important step in developing SCJS evidence in this area. More information is available in the SCJS 2018/19 Questionnaire Review Paper and the full 2018/19 questionnaire will be published in due course.
  • It is likely that private companies and businesses including banks, hold useful information on cyber security and incidents where they have been the victim of a crime which occurred online or via cyber technology. The Scottish Government's Justice Analytical Services division is looking to explore this further.
  • Although out with Scotland, the CSEW fraud and computer misuse questions are now being asked of the full survey sample (were asked of half sample until October 2017) meaning it may be possible for ONS to provide more detailed analysis and disaggregations, especially relating to incidents of cyber fraud.
  • Finally, a number of sources consulted in the review are in their infancy, with little by way of time series data available. As time passes, it will be possible to analyse year-on-year changes and establish any longer term trends, for instance with the CSEW fraud and computer misuse findings.

Going forward it is intended that these developments combined with the above analytical work and existing sources, will contribute to a more complete picture about the influence cyber-technology is having on crime in Scotland.


Back to top