Beautiful Virgin Islands

Wednesday, Aug 27, 2025

UK cyber security law forcing energy companies to report hacks has led to no reports, despite numerous hacks

UK cyber security law forcing energy companies to report hacks has led to no reports, despite numerous hacks

The threshold to determine whether an incident affecting energy companies is reportable has prevented any reports being made.

A cyber security law introduced three years ago was meant to boost the resilience of the UK's energy sector by obliging gas and electricity firms to report when they were hacked.

But since then not a single report has been made, Sky News can reveal, despite numerous successful hacks of British energy firms attributed to hostile states as well as criminal groups.

Ofgem, the authority that is meant to receive these reports, told Sky News that only one company has ever tried to file a report informing the regulator that it had been hacked, but they were dismissed as the incident did not meet the threshold for being reported.

Ofcom's incident thresholds are based on the impact of an attack on customers


Last year, staff at a little-known company called Elexon - a firm that plays a critical role in balancing and settling payments between power plants and electricity suppliers - was left locked out of its internal systems due to a ransomware attack.

The British government has confirmed that Russian state-sponsored hackers have successfully penetrated the computer networks of the UK's energy grids, without disrupting them.

Former defence secretary Gavin Williamson warned that "thousands and thousands and thousands" of people could be killed if an attempt at disruption was made.

But the high thresholds for companies working across the gas and electricity sectors to report cyber security incidents to Ofgem risks leaving the regulator blind to how the sector is actually coping in the face of these threats.

These thresholds are based on the impact of hacks to the continuity of the companies' services, a metric that does not record the sector's security capabilities, just the intentions of the attackers.

Dr Jamie Collier, a threat intelligence consultant at FireEye, told Sky News that the thresholds could be useful considering the varying levels of sophistication across attacks on critical infrastructure organisations, allowing defenders to "focus on what really matters".

But the cyber security expert added: "Despite this, essential service providers and regulators should be careful not to neglect the threat posed from less sophisticated attacks."

FireEye has detected an increase in critical infrastructure incidents caused by novice hackers due to the growing availability of tools enabling these hackers to interact with industrial control systems.

The company also warns that multiple, highly-prolific criminal organisations with a financial motivation are currently "active inside essential service provider networks with the intent of profiting from a ransom of stolen information and disrupted services".

FireEye warns that novice hackers are now targeting industrial control systems.


"Most of the concern around cyber security has been focused on operational technology (OT) networks that interact with physical processes and machinery, such as power plant equipment or water treatment facilities," Dr Collier explained.

"Yet the traditional information technology (IT) networks that involve the flow of data - such as file storage or email - should not be neglected. This is because whilst the impact of malicious activity can be far more severe against OT systems, these attacks typically start out on IT networks. It is therefore vital to consider security across an entire service provider's infrastructure."

Dr Collier stressed that critical infrastructure providers "deserve credit for their use of fail-safe mechanisms that can mitigate the destructive impacts of many attacks".

Responding to Sky News, a government spokesperson said: "The UK's critical infrastructure is extremely well protected and over the past five years we have invested £1.9bn in the National Cyber Security Strategy to ensure our systems remain secure and reliable."

They added that a formal review of the impact of the cyber security law, the Network & Information Systems Regulations, will take place within the next 12 months.

Newsletter

Related Articles

Beautiful Virgin Islands
0:00
0:00
Close
Spotify’s Strange Move: The Feature Nobody Asked For – Returns
Manhunt in Australia: Armed Anti-Government Suspect Kills Police Officers Sent to Arrest Him
China Launches World’s Most Powerful Neutrino Detector
How Beijing-Linked Networks Shape Elections in New York City
Ukrainian Refugee Iryna Zarutska Fled War To US, Stabbed To Death
Elon Musk Sues Apple and OpenAI Over Alleged App Store Monopoly
2 Australian Police Shot Dead In Encounter In Rural Victoria State
Vietnam Evacuates Hundreds of Thousands as Typhoon Kajiki Strikes; China’s Sanya Shuts Down
UK Government Delays Decision on China’s Proposed London Embassy Amid Concerns Over Redacted Plans
A 150-Year Tradition to Be Abolished? Uproar Over the Popular Central Park Attraction
A new faith called Robotheism claims artificial intelligence isn’t just smart but actually God itself
Deputy Prime Minister Angela Rayner Purchases Third Property Amid Housing Tax Reforms Debate
HSBC Switzerland Ends Relationships with Over 1,000 Clients from Saudi Arabia, Lebanon, Qatar, and Egypt
Sharia Law Made Legally Binding in Austria Despite Warnings Over 'Incompatible' Values
Italian Facebook Group Sharing Intimate Images Without Consent Shut Down Amid Police Investigation
Dutch Foreign Minister Resigns Amid Deadlock Over Israel Sanctions
Trump and Allies Send Messages of Support to Ukraine on Independence Day Amid Ongoing Conflict
China Reels as Telegram Chat Group Shares Hidden-Camera Footage of Women and Children
Sam Nicoresti becomes first transgender comedian to win Edinburgh Comedy Award
Builders uncover historic human remains in Lancashire house renovation
Australia Wants to Tax Your Empty Bedrooms
MotoGP Cameraman Narrowly Avoids Pedro Acosta Crash at Hungarian Grand Prix
FBI Investigates John Bolton Over Classified Documents in High-Profile Raids
Report reveals OpenAI pitched national ChatGPT Plus subscription to UK ministers
Labour set to freeze income tax thresholds in long-term 'stealth' tax raid
Coca‑Cola explores sale of Costa coffee chain
Trial hears dog walker was chased and fatally stabbed by trio
Restaurateur resigns from government hospitality council over tax criticism
Spanish City funfair shut after serious ride injury
Suspected arson at Ilford restaurant leaves three in critical condition
Tottenham beat Manchester City to go top of Premier League
Bank holiday heatwave to hit 30°C before remnants of Hurricane Erin arrive
UK to deploy immigration advisers to West Africa to block fake visas
Nurse who raped woman continued working for a year despite police alert
Drought forces closures of England’s canal routes, canceling boat holidays
Sweet tooth scents: food-inspired perfumes surge as weight-loss drugs suppress appetites
Experts warn Britain dangerously reliant on imported food
Family of Notting Hill Carnival murder victim call event unmanageable
Bunkers, Billions and Apocalypse: The Secret Compounds of Zuckerberg and the Tech Giants
Ukraine Declares De Facto War on Hungary and Slovakia with Terror Drone Strikes on Their Gas Lifeline
Animated K-pop Musical ‘KPop Demon Hunters’ Becomes Netflix’s Most-Watched Original Animated Film
New York Appeals Court Voids Nearly $500 Million Civil Fraud Penalty Against Trump While Upholding Fraud Liability
Elon Musk tweeted, “Europe is dying”
Far-Right Activist Convicted of Incitement Changes Gender and Demands: "Send Me to a Women’s Prison" | The Storm in Germany
Hungary Criticizes Ukraine: "Violating Our Sovereignty"
Will this be the first country to return to negative interest rates?
Child-free hotels spark controversy
North Korea is where this 95-year-old wants to die. South Korea won’t let him go. Is this our ally or a human rights enemy?
Hong Kong Launches Regulatory Regime and Trials for HKD-Backed Stablecoins
China rehearses September 3 Victory Day parade as imagery points to ‘loyal wingman’ FH-97 family presence
×