The number of successful cyber attacks against UK utilities companies rose 586% to 48 in 2023, while data breaches increased by 714% over the same period, affecting some 140,000 individuals.

These are the key findings of figures obtained from the Information Commissioner’s Office by Chaucer.

Ben Marsh, class underwriter at the re/insurance group, says that utilities companies, as part of the UK’s critical national infrastructure, are seen as being at increased risk of hacking attacks since the Ukraine war started in 2022. The International Energy Agency has previously warned about an increase in cyber attacks against energy infrastructure in Europe.

Last year, regulator Ofcom said it had faced an average of 30,000 attempted cyber intrusions per week.

So far these cyber attacks have been largely restricted to the theft of data or ransomware attacks. There have been concerns that cyber attacks designed to damage infrastructure such as utilities could increase due to a rise in geopolitical tension.

“Its suspected that the increase in cyber breaches is being driven in part by growing efforts from state backed hackers targeting critical UK infrastructure,” Marsh explains. “That comes on top of the threat from more conventional cyber criminals who also continue to target UK [utilities] companies. Particularly as these companies hold extensive amounts of personal data including people’s financial details.

“[Utilities] companies hold a wide array of personal information from bank details to home addresses. Once this information is obtained by hackers, they can exploit it themselves or sell it on to third parties on the dark web.”

---