Attacks and Vulnerabilities
News

U.K. power grid hit by cyber attack

May 17, 2020
U.K. power grid

U.K. electricity system administrator Elexon announced it had been hit by a cyber attack on May 14. While the attack on the U.K. power grid did not cause a disruption to the country’s electricity supply, it did impact Elexon’s internal IT systems.

“We are advising you that today that ELEXON’s internal IT systems have been impacted by a cyber attack,” Elexon said in a bulletin. “BSC Central Systems and EMR are currently unaffected and working as normal. The attack is to our internal IT systems and ELEXON’s laptops only. We are currently working hard to resolve this. However please be aware that at the moment we are unable to send or receive any emails.”

As a result of the attack Elexon employees were locked out of their emails and the company’s network, but other systems were not affected.

“Further to BSC Bulletin 335, we have now identified the root cause and we are taking steps to restore our internal IT systems,” said in a follow-up bulletin. “BSC Central Systems (and their data) and EMR remain unaffected and are continuing to work as normal.”

Elexon is responsible for administering balancing and settlement code. In this role, they also monitor the amount of electricity generated by energy companies and match this with what the National Grid expects to receive. The company serves approximately 6 million homes across the U.K. power grid.

Elexon’s parent organization is the National Grid Electricity Transmission PLC, which owns and operates the regulated electricity transmission network in England and Wales and operates high-voltage transmission networks.

“We’re aware of a cyber attack on ELEXON’s internal IT systems. We’re investigating any potential impact on our own IT networks. Electricity supply is not affected. We have robust cybersecurity measures across our IT and operational infrastructure to protect against cyber threats,” National Grid ESO, Great Britain’s electricity system operator said in a tweet.

This is the second attack on the European power grid in recent months. On March 9, the European Network of Transmission System Operators announced it had recently found evidence of a successful cyber intrusion into its office network.

“A risk assessment has been performed and contingency plans are now in place to reduce the risk and impact of any further attacks,”  ENTSO-E said in a statement. “It is important to note that the ENTSO-E office network is not connected to any operational TSO system. Our TSO members have been informed and we continue to monitor and assess the situation.”

ENTSO-E is responsible for overseeing the operations of Europe’s high voltage power infrastructure. It represents 42 transmission system operators across 35 member states, including Great Britain’s National Grid ESO.

Like other power grid operators around the globe, ENTSO-E has been working to improve it’s cybersecurity efforts. In 2017 it joined the European Network for Cyber Security in signing a memorandum of understanding to develop state of the art cybersecurity regulation, practices and standards for the electricity transmission system.

The partnership was an effort to increase the resilience of Europe’s power system against cyber attacks.

“The energy landscape is in a period of rapid transition” Laurent Schmitt, Secretary General, ENTSO-E, said in a press release at the time. “One of the biggest changes is the ever-mounting cyber security challenge. We’re delighted to work with ENCS, as well as with the European agency ENISA, to help our members increase their resilience, while bringing their own very valuable contribution to the wider security conversation.”

Rebecca Addison
Industrial Cyber Editor. Rebecca Addison is a former newspaper editor with a decade of experience in the media industry. During her career, she has interviewed world leaders and corporate CEOs, and covered topics ranging from blockchain and CBD to healthcare and education.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

MITRE confirms breach on NERVE network, suspected foreign nation-state actor involved
MITRE confirms breach on NERVE network, suspected foreign nation-state actor involved
Radiflow helps customers achieve NIS2 compliance, spurring growth in Europe
Radiflow, Exclusive Networks partner to elevate OT cybersecurity
MITRE plans to enhance cybersecurity in 2024 with ICS sub-techniques and multi-domain integration
MITRE plans to enhance cybersecurity in 2024 with ICS sub-techniques and multi-domain integration
New bill introduced to set up Water Risk and Resilience Organization to secure water systems from cyber threats
New bill introduced to set up Water Risk and Resilience Organization to secure water systems from cyber threats
CISA, FBI, Europol, and NCSC-NL issue joint cybersecurity advisory on Akira ransomware threats
CISA, FBI, Europol, and NCSC-NL issue joint cybersecurity advisory on Akira ransomware threats
Mandiant exposes APT44, Russia's Sandworm cyber sabotage unit, targeting global critical infrastructure
Mandiant exposes APT44, Russia’s Sandworm cyber sabotage unit, targeting global critical infrastructure
Hexagon and Dragos announce technical alliance to boost industrial cybersecurity, reduce overall OT cyber risk
Hexagon and Dragos announce technical alliance to boost industrial cybersecurity, reduce overall OT cyber risk
Armis
Armis acquires Silk Security for $150 million to enhance AI-driven cybersecurity capabilities
Nozomi discovers five vulnerabilities in AMI MegaRAC SP-X BMC, exposing OT, IOT devices to RCE attacks
Nozomi secures US$1.25 million US Air Force contract to boost DoD critical infrastructure security
Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape
Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape