Arab Press

بالشعب و للشعب
Sunday, Jul 19, 2026

UK cyber security law forcing energy companies to report hacks has led to no reports, despite numerous hacks

UK cyber security law forcing energy companies to report hacks has led to no reports, despite numerous hacks

The threshold to determine whether an incident affecting energy companies is reportable has prevented any reports being made.

A cyber security law introduced three years ago was meant to boost the resilience of the UK's energy sector by obliging gas and electricity firms to report when they were hacked.

But since then not a single report has been made, Sky News can reveal, despite numerous successful hacks of British energy firms attributed to hostile states as well as criminal groups.

Ofgem, the authority that is meant to receive these reports, told Sky News that only one company has ever tried to file a report informing the regulator that it had been hacked, but they were dismissed as the incident did not meet the threshold for being reported.

Ofcom's incident thresholds are based on the impact of an attack on customers


Last year, staff at a little-known company called Elexon - a firm that plays a critical role in balancing and settling payments between power plants and electricity suppliers - was left locked out of its internal systems due to a ransomware attack.

The British government has confirmed that Russian state-sponsored hackers have successfully penetrated the computer networks of the UK's energy grids, without disrupting them.

Former defence secretary Gavin Williamson warned that "thousands and thousands and thousands" of people could be killed if an attempt at disruption was made.

But the high thresholds for companies working across the gas and electricity sectors to report cyber security incidents to Ofgem risks leaving the regulator blind to how the sector is actually coping in the face of these threats.

These thresholds are based on the impact of hacks to the continuity of the companies' services, a metric that does not record the sector's security capabilities, just the intentions of the attackers.

Dr Jamie Collier, a threat intelligence consultant at FireEye, told Sky News that the thresholds could be useful considering the varying levels of sophistication across attacks on critical infrastructure organisations, allowing defenders to "focus on what really matters".

But the cyber security expert added: "Despite this, essential service providers and regulators should be careful not to neglect the threat posed from less sophisticated attacks."

FireEye has detected an increase in critical infrastructure incidents caused by novice hackers due to the growing availability of tools enabling these hackers to interact with industrial control systems.

The company also warns that multiple, highly-prolific criminal organisations with a financial motivation are currently "active inside essential service provider networks with the intent of profiting from a ransom of stolen information and disrupted services".

FireEye warns that novice hackers are now targeting industrial control systems.


"Most of the concern around cyber security has been focused on operational technology (OT) networks that interact with physical processes and machinery, such as power plant equipment or water treatment facilities," Dr Collier explained.

"Yet the traditional information technology (IT) networks that involve the flow of data - such as file storage or email - should not be neglected. This is because whilst the impact of malicious activity can be far more severe against OT systems, these attacks typically start out on IT networks. It is therefore vital to consider security across an entire service provider's infrastructure."

Dr Collier stressed that critical infrastructure providers "deserve credit for their use of fail-safe mechanisms that can mitigate the destructive impacts of many attacks".

Responding to Sky News, a government spokesperson said: "The UK's critical infrastructure is extremely well protected and over the past five years we have invested £1.9bn in the National Cyber Security Strategy to ensure our systems remain secure and reliable."

They added that a formal review of the impact of the cyber security law, the Network & Information Systems Regulations, will take place within the next 12 months.

Newsletter

Related Articles

Arab Press
0:00
0:00
Close
US Retaliates Against Iran After Two American Troops Killed in Jordan
Proposed U.S.-Saudi Nuclear Pact Could Permit Limited Uranium Enrichment Under International Safeguards
Iran Claims It Destroyed Bahrain’s Main Artificial Intelligence Center in Missile and Drone Strike
Reported CIA Mission Helped Clear the UAE’s Path to Advanced US AI Chips
Artificial Intelligence Capital Fuels Markets While Governments and Regulators Face Mounting Strategic Tests
China’s Moonshot’s Kimi K3 Narrows the Gap With Anthropic Through Scale, Openness and Lower Cost
The Ledger Will Not Trust on Faith
Passenger Bound for Germany Refused to Sit Beside a Woman on a Plane — Then Slapped a Flight Attendant
Ukraine’s Leadership Rift Spills Into the Streets as Protesters Target Army Chief
The Ten World Cup Finals That Defined Football History
Smartphones Are Getting More Expensive, Sales Are Collapsing, and Even Apple Admits: "Prices Will Rise"
Leadership Change and Strategic Rivalry Redraw the Political Map
The AI Race Enters Its Infrastructure Era
Britain Nationalises British Steel to Protect Scunthorpe Production and Strategic Supply
Thomas Tuchel Faces Fierce Backlash After Tactical Retreat Costs England World Cup Final Berth
A Quiet Bastille Day: France Grapples with World Cup Heartbreak and Leftover Fireworks
Spain in Ecstasy: "We Feel Unbeatable, We Taught the Whole World a Lesson"
Harvard Astrophysicist to Lead U.S. Scientific Advisory on Unidentified Aerial Phenomena
Emergency Sirens Activated Across Bahrain as Interior Ministry Issues Shelter Directives
World Cup Visitors Turn American Big-Box Stores Into Souvenir Stops
Netflix Weighs Always-On Channels, Bundles and Short-Form Video
The AI Invoice Shock: Layoffs Didn't Save Managers Money — They Cost Them More
Concern: Sexually Transmitted Bacterium Among Men Develops Antibiotic Resistance
Passenger Partially Pulled Out of Ryanair Jet After Cabin Window Fails Mid-Flight
Severe Heatwave Drives Dangerous Ground-Level Ozone Pollution Across Two Thirds of European Union
The Physical and Electronic Barriers Disrupting Domestic Wireless Networks
France and Morocco Open World Cup Quarter-Finals as Collina Defends Refereeing
Tech Pulse: The Future of AI and Screen Culture
Global News Briefing: Escalating Geopolitical Tensions and Corporate Shakeups
Global News Brief: Escalating Conflicts, Public Health Crises, and World Cup Drama
Europe's Growing Struggle with Extreme Heat and Air Conditioning
Anthropic Reengineers Agentic Architecture to Shift Autonomous Workplace Automation to the Cloud
Logic Flaw in Windows 11 Permission Architecture Silently Consumes Hundreds of Gigabytes of Local Storage
Apple Advances Late-Stage Operating Systems with Fourth Beta Deployments
Global Crisis Alert: Escalating Middle East Tensions and UK Political Upheaval
Japanese Technology Firm Fujitsu Launches Advanced Artificial Intelligence Tool for Corporate Disclosures
South Africa Officially Launches Nationwide Campaign for Highly Contested Local Government Elections
United Kingdom Commits Additional Funding for Unexploded Ordnance Clearance in Laos
Singapore Announces Stringent New Greenhouse Gas Regulations for Commercial Cooling Systems
Cambodia and Thailand Hold High-Level Border Security Talks at United Nations Headquarters
Myanmar Military Government and China Sign Major Agreement to Upgrade Media and Cultural Cooperation
Knife Attack at Swiss Train Station Leaves Three Injured in Suspected Act of Domestic Terrorism
Transnational Extortion Gang Threatens Canadian Police With Army of One Thousand Armed Operatives
Australia Imposes Forty-Two-Day Quarantine on Cruise Ship Passengers Following Deadly Hantavirus Outbreak
International Monetary Fund Unlocks Seven Hundred Million United States Dollars for Sri Lanka Following Economic Reforms
Australia Launches Record One Point Four Billion Dollar Lawsuit Against Chemical Giant 3M Over Contamination
China and Canada Foreign Ministers Meet in Ottawa in Effort to Stabilize Strained Diplomatic Ties
Indonesia Demands Urgent United Nations Security Council Reform Amid Escalating Global Conflicts
Extreme Weather Patterns Trigger Severe Drought in Madagascar and Destructive Flooding in East Africa
Indian State of Karnataka Faces Political Upheaval as Chief Minister Siddaramaiah Abruptly Resigns
×