British energy system falls victim to cyber-attack
27 May 2020
On Thursday 14 May, Elexon announced that it had experienced a cyber-attack on its IT systems.
Elexon plays a key role in the UK electricity system and is responsible for monitoring the amount of electricity generated by energy companies – processing 1.25 million-meter readings every day.
The company stated that the attack was on their own internal IT systems and its core services were not affected. Furthermore, since it does not “hold any customer-level data, there is no risk to the public.”
As reported by The Times, a National Grid spokesman stated, “We’re aware of a cyber intrusion on Elexon’s internal IT systems. We’re investigating the matter and any potential impact on our own IT networks. Electricity supply is not affected.”
The attack prevented employees from being able to access their emails which, according to The Times, suggested that the hackers may have been trying to “target the control room”.
Elexon reports that it has now identified the root cause and stressed that it is working hard to resolve the issue, as well as doing everything in its power to combat future attacks. “We have robust cybersecurity measures in place across all our IT and operational infrastructure to protect against cyber threats and ensure we can continue to reliably supply electricity.”
However, the cyber-attack is not a standalone issue but, rather, follows a trend of cybersecurity issues over the past few months. On 8 April 2020, The National Cyber Security Centre reported that there has been a rise in “malicious cyber actors”, who are exploiting the current pandemic for their own purposes and targeting organisations that are involved in the national response to the crisis.
“Security officials have identified targeting of national and international healthcare bodies, pharmaceutical companies, research organisations, and local government with the likely aim of gathering information related to the coronavirus outbreak,” said The National Cyber Security Centre.
"Furthermore, the increased number of people working at home because of the pandemic has led to a rise in “the use of potentially vulnerable services, such as Virtual Private Networks (VPNs), amplifying the threat to individuals and organisations.”
Secretary of State for Foreign Affairs Dominic Raab highlighted the potentially devastating repercussions of such attacks, “The effects of these cyber-attacks are potentially life-threatening as they disrupt and put pressure on organisations and individuals working hard to save lives.
“The UK will continue to counter those who conduct reckless cyber-attacks for their own malicious ends,” Raab declared.