Site navigation

Patrolling the Cyber-state with Police Scotland DSU, Alex Dowall

David Paul


Scotland cybercrime
Detective Superintendent Alex Dowall discusses the role that Police Scotland plays in combating cybercrime, and the CyberScotland Partnership trying to make a difference.

Cybercrime in Scotland has almost doubled in 2021. The pandemic and subsequent global boost in digital adoption catalysing what is undoubtedly a grim statistic.

Threat actors are pushing the boundaries of what is possible online, scamming unsuspecting victims out of data and money and posing a challenge for the police.

In Scotland alone, 14,130 cybercrimes have been reported between 2020-2021: a 95% increase over the same period in 2019.

Despite these challenges, Police Scotland are trying to catch up. Over the last 18 months, a cyber-strategy has been published laying out plans on how the force will tackle cybercrime, pivoting the traditional model of policing to fit the current climate.

Additionally, the CyberScotland Partnership has been formed – a collaborative effort involving several partners committed to improving cyber resilience across the country.

Partners include Police Scotland, the Scottish Business Resilience Centre, the Scottish Government, and the National Cybersecurity Centre, to name some of the 12 that are involved.

DIGIT sat down with Detective Superintendent Alex Dowall, lead for cyber-investigations and digital forensics at Police Scotland, to discuss the effectiveness of the CyberScotland Partnership since its inception in February last year.

The CyberScotland Partnership

The CyberScotland Partnership has committed to work collaboratively to “raise the profile” of cybersecurity and cyber-resilience to everyone across the country, whether that’s from individuals, SMEs, public bodies, or larger enterprises.

CyberScotland also provides information and support resources across a range of cybersecurity and resilience issues, as well as skills development information for anyone interested in a cybersecurity career.

So far, Dowall says that the project has seen success, and that many victims of cybercrime have gained the support they needed, especially after the high-profile ransomware attack on the Scottish Environment Protection Agency (SEPA) in January 2021.

The attack on SEPA was a real test for the partnership, knocking several key systems offline and causing major disruption for the government agency.

Around 1.2GB of data was seized, with SEPA claiming the culprits were “international, serious and organised cybercrime groups”.

Dowall comments that one of the successes for the collaboration thus far was their response to the SEPA attack.

“The collaboration and all the tools, the experience, the knowledge, and the support that each organisation brought to the table – post that attack – is a shining example of what that collective and joined up approach can bring to organisations if they were to be the victim of an attack in the future.”

The fight against cybercrime

Despite the successes of the partnership, cybercrime is becoming increasingly difficult to fight, due to the speed at which it changes and the sheer volume of attacks.

Dowall says we should take cybercrime more seriously, and that we all have “a role to play” to protect ourselves from such attacks.

“I think we’ve all got a responsibility, either as individuals or as organisations, to look at what steps we can take to ensure that our cybersecurity is as robust as it can be,” he comments.

“As we know, cybercriminals are always looking to try to be one step ahead of law enforcement, but then that’s what makes my role exciting, it’s up to me to make sure that Police Scotland and its strategic partners are keeping up, and hopefully one step ahead of them.”

However, it is easy to view cybercrime differently to what we could call ‘traditional crime’. Dowall compares using the simple analogy of viewing cybersecurity similarly to physical security.

“We all know the steps that we would take to ensure our homes are secure, that our cars are secure, that we don’t leave things lying about, so why would we not do the same with the ever-increasing cyber aspect of our lives?” Dowall says.

He goes on to say: “We would not hand someone our bank details, so why would we share equally valuable digital credentials. If we took that simple analogy of treating cybersecurity the same way as we do physical security, I think that would take us a huge step forward in ensuring that people are protected, and can be safe while online.”

The term ‘cybercrime’ has evolved exponentially throughout Dowall’s time in the police. The DSU sees it as ‘modern crime’; a method and platform which criminals now use to commit what we previously knew as some of the more traditional crimes.

“If you contrast young police officers today, compared to those 20 years ago and speak about some of the types of crime that are being investigated, the type of crime hasn’t changed in its inherent nature” he says.

“When I joined the police 27 years ago, we had cheque frauds and we used to go through all these different shops with blank copies of cheques, getting handwriting samples, etc.”

Dowall highlights young officers having to deal with claims such as crypto-jacking and various other thefts of cryptocurrencies. “The language and methodology has changed, but the crime is the same,” he says.

Facing an uphill struggle

Putting the correct tools in place to fight cybercrime has not been easy over the last 18 months. The CyberScotland Partnership has had to contend with the pandemic not long after it emerged.

However, this essentially catalysed the collaborations’ efforts to combat digital threats.

And it needed to. A report from April this year found a major rise in ransomware attacks alone, with the first and second quarter of 2020 seeing the vast majority – a 64% increase on the 19% recorded in the first two quarters of 2019.

Police Scotland, publishing their cyber-strategy in September last year, means they were able to actionably fight back against increasing cyber-threats in a timely manner.

“I think the recognition was there by Police Scotland that we had to accelerate and get up to speed, form these partnerships and alliances and ensure that we were match fit for dealing with cybercrime as we currently see it,” Dowall says.


The pandemic certainly didn’t herald the advent of major cyberattacks. In May 2017, the NHS was hit with the WannaCry hack, which knocked out vital systems and cost the institution £92m through service loss and IT costs in the aftermath.

Dowall continues: “That was one of the incidents that highlighted to us that we needed to modernise and accelerate our approach to training; to technology; to the advancement in staff development, and to make sure that we had police officers that were fully skilled and able to investigate crimes of that nature.”

Moving forward, Dowall believes that Police Scotland and the CyberScotland partnership are ready to deal with emerging threats and major attacks.

“I think we are prepared, both as an individual organisation and through the investment that we have made in staff training and knowledge and expertise,” Dowall comments.

“Also, with those partnerships that we do have in Scotland, in the UK and internationally, I very much think the investigation of cybercrime at that level is a collaborative approach.”

Dowall adds: “If we can all bring something to the table as part of the number of individual investigations that are ongoing then we can collectively add another piece to that jigsaw to take us towards who is responsible.

“I think that we (Police Scotland), are in an excellent position and are currently contributing towards some of the largest investigations that are going on worldwide.”

David Paul

Staff Writer, DIGIT

Latest News

%d bloggers like this: