Credit: Debora Cartagena, USCDCP on Pixnio

More than 4,300 cyber offences were pursued by police last year – but these investigations resulted in fewer than 100 people being charged with an offence.

Recently published annual crime figures contained “experimental statistics” tracking instances of fraud and offences related to the Computer Misuse Act (CMA): the primary piece of legislation for prosecuting cybercrime.

The data shows that there were 28,886 overall CMA offences on the year to March 2022 – a slight decrease on the 30,467 that were recorded in the prior year. But the total of 4,335 that were passed onto police for investigation represented a rise of almost 9% on the 3,991 that were referred to officers in FY21.

However, the offences investigated last year resulted in just 97 instances of an offender being charged with a crime or issued with a court summons. This equates to just one in every 45 of the cases that were referred to police, and only about one in 300 of the overall tally of 28,886 offences, about three quarters of which did not reach any defined outcome.

Related content

• NHS facing weeks of disruption after cyberattack on supplier of patient records systems
• Cyberattack on regulator shows ‘no organisation can fully defend itself against today’s threats’
• Scotland sees sevenfold increase in cybercrime in FY21

Of the 7,556 that did, the majority – 5,135 – conducted a full investigation but failed to identify a suspect. 

However, there was also a significant number of instances – 1,328 – where pursual was prevented as the victim of the crime did not support action being taken, as well as 752 cases where a suspect was identified and the victim wished for charges to be brought, but “evidential difficulties” prevented officers doing so.

In addition to the 97 charges or summonses, there were also 60 offences that were settled out of court, either formally or informally, and 75 where action was taken by another body – such as a regulator. There were also 77 cases in which officers decided an investigation or prosecution was not in the public interest.

Addressing the annual statistics, Home Office minister Baroness Williams said that prevention is an important a strand of government’s work to tackle cyber risks

“Cyber Prevent is an important part of our response to tackling cybercrime. This is an early intervention programme aimed at deterring individuals from getting involved in cybercrime in the first place, moving deeper into cybercrime or reoffending and diverting them towards positive directions. Since 2019, all local forces now have a Cyber Prevent capability,” she said, in answer to a written parliamentary question from crossbench peer Lord Taylor of Warwick.

“We have also rolled out Regional Cyber Resilience Centres in each of the nine policing regions, and London. These are a collaboration between police, public, private sector and academic partners to provide subsidised or free products and cyber security consultancy services to help small and medium-sized enterprise and micro businesses protect themselves better in a digital age.”

Another recently released government data set revealed that the number of police officers across England and Wales dedicated to investigating cybercrime rose by 12% during the 2021/22 year and, as of 31 March, stands at 521.