The US energy business should have learnt to be wary of the power of the DarkSide. After numerous warnings, it suffered its most disruptive cyber attack two Fridays ago when the Colonial oil pipeline was shut down after a ransomware attack, suspected to be from this gang. Cyber security needs to be improved but that alone is not enough: the energy industry needs broader resilience to such threats.
The pipeline brings refined oil products – petrol, diesel, heating oil and jet fuel – from the Texas refining complex to meet 45 per cent of consumption on the US East Coast, ultimately supplying New Jersey, New York and other states.
Hackers exfiltrated 100 gigabytes of data and then demanded payment to unencrypt the company's files. Colonial's operational systems were not affected but it shut down pipeline flows – either to prevent further dissemination or, as it now appears, because it could not bill customers. A $5 million ransom was paid to the hackers, according to Bloomberg.
Federal and state governments temporarily waived fuel quality standards and restrictions on hours and weights for road tankers. Traders booked tankers to bring refined products from Europe.
Some refiners were granted exemptions from the Jones Act, an outdated and pernicious law that requires all trade between American ports to be carried out by vessels built and flagged in the US and manned by Americans.
Nevertheless, petrol stations began to run dry: by Thursday evening, according to consumer service Gas Buddy, between half and two thirds of Georgia, Virginia, South and North Carolina were out of fuel. This was exacerbated by limited deliveries from distribution centres as tanker trucks themselves could not secure diesel, as well panic buying.
Indeed, shortages in southern Florida seem mostly to be due to hoarding as the state is primarily supplied by barges, not Colonial's network.
The company resumed pipeline flows on Thursday but it will probably take one to two weeks before service returns to normal in all areas. For the first time in six years, petrol prices rose above $3 a gallon during the interruption but, overall, the effects on demand will be slightly negative.
This is the most disruptive cyber attack in the US to date but far from the first for the energy industry. Electricity and gas pipeline companies have suffered intrusions in recent years that were either aimed at extortion or probing vulnerabilities. The US Department of Energy was one of the victims of the Solarwinds cyber espionage discovered in December.
The famous Stuxnet virus, strongly suspected to be the work of the US and Israel, damaged Iranian centrifuges in 2009 and 2010, setting back its uranium enrichment programme. The National Iranian Oil Company experienced a cyber attack in April 2012. That August, the Shamoon virus, possibly linked to Iran, wiped 30,000 computers at Saudi Aramco.
Several Saudi petrochemical companies have suffered cyber attacks since then while the Ukraine energy grid was also compromised, resulting in power cuts.
These, along with hacks on or by North Korea, are all known geopolitical flash points while growing hostility between the US and China is another. Cyber attacks have great attractions. They are deniable, difficult to identify – making it hard to apprehend perpetrators – while the damage can be gradated short of war. A group such as DarkSide could be a criminal enterprise but it could also be similar to Elizabethan privateers who were licensed by the state to attack its enemies. State agencies could use the cover of extortion attempts to conduct espionage or plant sabotage bugs.
Perhaps the surprise is not how devastating cyber attacks have been but how little damage they have done so far. There has not been serious and prolonged disruption or major physical damage or loss of life. DarkSide’s ransom from Colonial sounds like something Dr Evil would do – disconcerting his henchman by asking for only $1m.
But any of the conflicts mentioned, or others, could turn into more overt confrontations or a hacking group might go too far. Energy infrastructure – essential, exposed, expensive and explosive – is an obvious target.
Surveys suggest that energy cyber security is weak and characterised by inadequate passwords, outdated versions of Microsoft Exchange, employees who are easily duped into clicking on suspicious links, operational systems that are not properly "air-gapped" from the internet and a lack of "war games" to simulate cyber crises.
However, security improvements will not be enough – not against increasingly skilful, well resourced and motivated criminals and state-backed hackers. Digitisation and automation, remote working and operations, drones, the Internet of Things and the electrification of an economy powered by fossil fuels promise greater efficiency, cost savings and environmental gains. But they also expand vulnerabilities.
The Colonial incident exposed several major weaknesses in US energy security. Strategic petroleum stocks are nearly all along the Gulf of Mexico coast and not near other big consumption centres. The East Coast relies on a single system for about half of its petroleum demand. There are no mandatory pipeline cyber security regulations. Logistics faces the circular paradox of needing fuel to deliver fuel. The dead hand of the Jones Act constrains alternatives and there is no way to stop panic buying.
Many other countries would turn out to have similar or deeper flaws when seriously tested. February’s Texas ice storm, although not a cyber attack, highlighted the need to have electricity to deliver gas to generate electricity, and for both to make heat to keep people alive and water flowing.
Greater resilience involves a mix of improved cyber security, tougher infrastructure, duplication and back-ups, diversity of energy sources and delivery methods, more effective regulation and government powers of intervention, better accounting for human behaviour and stronger recovery plans.
Cyber attacks on energy systems will probably become more frequent, more ingenious and more disruptive. Several warnings have passed, fortunately without too much damage, but now it is time to act.
Robin Mills is chief executive of Qamar Energy and author of The Myth of the Oil Crisis
Ten tax points to be aware of in 2026
1. Domestic VAT refund amendments: request your refund within five years
If a business does not apply for the refund on time, they lose their credit.
2. E-invoicing in the UAE
Businesses should continue preparing for the implementation of e-invoicing in the UAE, with 2026 a preparation and transition period ahead of phased mandatory adoption.
3. More tax audits
Tax authorities are increasingly using data already available across multiple filings to identify audit risks.
4. More beneficial VAT and excise tax penalty regime
Tax disputes are expected to become more frequent and more structured, with clearer administrative objection and appeal processes. The UAE has adopted a new penalty regime for VAT and excise disputes, which now mirrors the penalty regime for corporate tax.
5. Greater emphasis on statutory audit
There is a greater need for the accuracy of financial statements. The International Financial Reporting Standards standards need to be strictly adhered to and, as a result, the quality of the audits will need to increase.
6. Further transfer pricing enforcement
Transfer pricing enforcement, which refers to the practice of establishing prices for internal transactions between related entities, is expected to broaden in scope. The UAE will shortly open the possibility to negotiate advance pricing agreements, or essentially rulings for transfer pricing purposes.
7. Limited time periods for audits
Recent amendments also introduce a default five-year limitation period for tax audits and assessments, subject to specific statutory exceptions. While the standard audit and assessment period is five years, this may be extended to up to 15 years in cases involving fraud or tax evasion.
8. Pillar 2 implementation
Many multinational groups will begin to feel the practical effect of the Domestic Minimum Top-Up Tax (DMTT), the UAE's implementation of the OECD’s global minimum tax under Pillar 2. While the rules apply for financial years starting on or after January 1, 2025, it is 2026 that marks the transition to an operational phase.
9. Reduced compliance obligations for imported goods and services
Businesses that apply the reverse-charge mechanism for VAT purposes in the UAE may benefit from reduced compliance obligations.
10. Substance and CbC reporting focus
Tax authorities are expected to continue strengthening the enforcement of economic substance and Country-by-Country (CbC) reporting frameworks. In the UAE, these regimes are increasingly being used as risk-assessment tools, providing tax authorities with a comprehensive view of multinational groups’ global footprints and enabling them to assess whether profits are aligned with real economic activity.
Contributed by Thomas Vanhee and Hend Rashwan, Aurifer
Name: Peter Dicce
Title: Assistant dean of students and director of athletics
Favourite sport: soccer
Favourite team: Bayern Munich
Favourite player: Franz Beckenbauer
Favourite activity in Abu Dhabi: scuba diving in the Northern Emirates
Dubai Bling season three
Cast: Loujain Adada, Zeina Khoury, Farhana Bodi, Ebraheem Al Samadi, Mona Kattan, and couples Safa & Fahad Siddiqui and DJ Bliss & Danya Mohammed
Rating: 1/5
Victims%20of%20the%202018%20Parkland%20school%20shooting
%3Cp%3EAlyssa%20Alhadeff%2C%2014%3C%2Fp%3E%0A%3Cp%3EScott%20Beigel%2C%2035%0D%3C%2Fp%3E%0A%3Cp%3EMartin%20Duque%2C%2014%3C%2Fp%3E%0A%3Cp%3ENicholas%20Dworet%2C%2017%3C%2Fp%3E%0A%3Cp%3EAaron%20Feis%2C%2037%3C%2Fp%3E%0A%3Cp%3EJaime%20Guttenberg%2C%2014%0D%3C%2Fp%3E%0A%3Cp%3EChris%20Hixon%2C%2049%0D%3C%2Fp%3E%0A%3Cp%3ELuke%20Hoyer%2C%2015%3C%2Fp%3E%0A%3Cp%3ECara%20Loughran%2C%2014%0D%3C%2Fp%3E%0A%3Cp%3EGina%20Montalto%2C%2014%0D%3C%2Fp%3E%0A%3Cp%3EJoaquin%20Oliver%2C%2017%0D%3C%2Fp%3E%0A%3Cp%3EAlaina%20Petty%2C%2014%0D%3C%2Fp%3E%0A%3Cp%3EMeadow%20Pollack%2C%2018%3C%2Fp%3E%0A%3Cp%3EHelena%20Ramsay%2C%2017%0D%3Cbr%3E%0D%3C%2Fp%3E%0A%3Cp%3EAlex%20Schachter%2C%2014%0D%3C%2Fp%3E%0A%3Cp%3ECarmen%20Schentrup%2C%2016%0D%3C%2Fp%3E%0A%3Cp%3EPeter%20Wang%2C%2015%3Cbr%3E%3C%2Fp%3E%0A
Two products to make at home
Toilet cleaner
1 cup baking soda
1 cup castile soap
10-20 drops of lemon essential oil (or another oil of your choice)
Method:
1. Mix the baking soda and castile soap until you get a nice consistency.
2. Add the essential oil to the mix.
Air Freshener
100ml water
5 drops of the essential oil of your choice (note: lavender is a nice one for this)
Method:
1. Add water and oil to spray bottle to store.
2. Shake well before use.
COMPANY%20PROFILE
%3Cp%3E%3Cstrong%3ECompany%3A%3C%2Fstrong%3E%20Vault%3Cbr%3E%3Cstrong%3EStarted%3A%20%3C%2Fstrong%3EJune%202023%3Cbr%3E%3Cstrong%3ECo-founders%3A%20%3C%2Fstrong%3EBilal%20Abou-Diab%20and%20Sami%20Abdul%20Hadi%3Cbr%3E%3Cstrong%3EBased%3A%20%3C%2Fstrong%3EAbu%20Dhabi%3Cbr%3E%3Cstrong%3ELicensed%20by%3A%3C%2Fstrong%3E%20Abu%20Dhabi%20Global%20Market%3Cbr%3E%3Cstrong%3EIndustry%3A%20%3C%2Fstrong%3EInvestment%20and%20wealth%20advisory%3Cbr%3E%3Cstrong%3EFunding%3A%20%3C%2Fstrong%3E%241%20million%3Cbr%3E%3Cstrong%3EInvestors%3A%20%3C%2Fstrong%3EOutliers%20VC%20and%20angel%20investors%3Cbr%3E%3Cstrong%3ENumber%20of%20employees%3A%20%3C%2Fstrong%3E14%3Cbr%3E%3C%2Fp%3E%0A
Israel Palestine on Swedish TV 1958-1989
Director: Goran Hugo Olsson
Rating: 5/5
Lexus LX700h specs
Engine: 3.4-litre twin-turbo V6 plus supplementary electric motor
Power: 464hp at 5,200rpm
Torque: 790Nm from 2,000-3,600rpm
Transmission: 10-speed auto
Fuel consumption: 11.7L/100km
On sale: Now
Price: From Dh590,000
Avatar: Fire and Ash
Director: James Cameron
Starring: Sam Worthington, Sigourney Weaver, Zoe Saldana
Rating: 4.5/5
About Okadoc
Date started: Okadoc, 2018
Founder/CEO: Fodhil Benturquia
Based: Dubai, UAE
Sector: Healthcare
Size: (employees/revenue) 40 staff; undisclosed revenues recording “double-digit” monthly growth
Funding stage: Series B fundraising round to conclude in February
Investors: Undisclosed
Full Party in the Park line-up
2pm – Andreah
3pm – Supernovas
4.30pm – The Boxtones
5.30pm – Lighthouse Family
7pm – Step On DJs
8pm – Richard Ashcroft
9.30pm – Chris Wright
10pm – Fatboy Slim
11pm – Hollaphonic
GIANT REVIEW
Starring: Amir El-Masry, Pierce Brosnan
Director: Athale
Rating: 4/5
Timeline
2012-2015
The company offers payments/bribes to win key contracts in the Middle East
May 2017
The UK SFO officially opens investigation into Petrofac’s use of agents, corruption, and potential bribery to secure contracts
September 2021
Petrofac pleads guilty to seven counts of failing to prevent bribery under the UK Bribery Act
October 2021
Court fines Petrofac £77 million for bribery. Former executive receives a two-year suspended sentence
December 2024
Petrofac enters into comprehensive restructuring to strengthen the financial position of the group
May 2025
The High Court of England and Wales approves the company’s restructuring plan
July 2025
The Court of Appeal issues a judgment challenging parts of the restructuring plan
August 2025
Petrofac issues a business update to execute the restructuring and confirms it will appeal the Court of Appeal decision
October 2025
Petrofac loses a major TenneT offshore wind contract worth €13 billion. Holding company files for administration in the UK. Petrofac delisted from the London Stock Exchange
November 2025
180 Petrofac employees laid off in the UAE
Sholto Byrnes on Myanmar politics
RESULTS
Light Flyweight (48kg): Alua Balkibekova (KAZ) beat Gulasal Sultonalieva (UZB) by points 4-1.
Flyweight (51kg): Nazym Kyzaibay (KAZ) beat Mary Kom (IND) 3-2.
Bantamweight (54kg): Dina Zholaman (KAZ) beat Sitora Shogdarova (UZB) 3-2.
Featherweight (57kg): Sitora Turdibekova (UZB) beat Vladislava Kukhta (KAZ) 5-0.
Lightweight (60kg): Rimma Volossenko (KAZ) beat Huswatun Hasanah (INA) KO round-1.
Light Welterweight (64kg): Milana Safronova (KAZ) beat Lalbuatsaihi (IND) 3-2.
Welterweight (69kg): Valentina Khalzova (KAZ) beat Navbakhor Khamidova (UZB) 5-0
Middleweight (75kg): Pooja Rani (IND) beat Mavluda Movlonova (UZB) 5-0.
Light Heavyweight (81kg): Farida Sholtay (KAZ) beat Ruzmetova Sokhiba (UZB) 5-0.
Heavyweight (81 kg): Lazzat Kungeibayeva (KAZ) beat Anupama (IND) 3-2.
Arabian Gulf League fixtures:
Friday:
- Emirates v Hatta, 5.15pm
- Al Wahda v Al Dhafra, 5.25pm
- Al Ain v Shabab Al Ahli Dubai, 8.15pm
Saturday:
- Dibba v Ajman, 5.15pm
- Sharjah v Al Wasl, 5.20pm
- Al Jazira v Al Nasr, 8.15pm
