Key UK energy company hit by cyber attack


Energy supply chain specialist Elexon has had its internal IT network disrupted by a cyber attack, in what appears to be further evidence of hacking groups escalating their attacks against UK infrastructure.

The incident, first reported yesterday, is said to have locked employees out of internal email accounts and to have prevented them from using laptops remotely.

The company is critical to the functioning of the country’s power grid, handling approximately £1.7 billion of transactions each year as part of its role connecting power stations with their energy suppliers.

Details of the as-yet-undefined cyber attack were published yesterday at midday, with the company revealing that only its internal IT systems and laptops were affected. The BSC Central Systems, which execute the company’s function in the supply chain, and EMR, a subsidiary company, were unaffected.

Elexon delivered an update a few hours later suggesting the root cause has been identified, with steps being taken to restore the internal IT systems.

IT Pro contacted Elexon to determine the exact nature of the cyber attack, and what potential effect this disruption may have on the energy supply to homes and offices. Currently, there is no indication that this attack will affect the nation's energy supply network.

“We’re aware of a cyber attack on Elexon’s internal IT systems,” said the UK’s National Grid Electricity Systems Operator.

“We’re investigating any potential impact on our own IT networks. Electricity supply is not affected. We have robust cybersecurity measures across our IT and operational infrastructure to protect against cyber threats.”

Companies key to the UK’s critical national infrastructure have been on high alert throughout the coronavirus pandemic, with the National Cyber Security Centre (NCSC) issuing several stark warnings over previous weeks.

The security agency warned earlier this month, for instance, that APT groups were targeting UK bodies critical to the coronavirus response through password spraying attacks, including healthcare bodies and pharmaceutical companies.

Alarmingly, a report published in November 2018 suggested it’s “impossible” to protect critical UK infrastructure from cyber attacks, with mitigation rather than prevention becoming the new normal.

The consequences of targeted attacks against key players in the energy supply chain could range from minor disruption of day-to-day operations, to massive energy blackouts that could, in turn, hamper other critical organisations, like hospitals.

The risks are compounded by historic weaknesses in the cyber security regimes of energy companies, with the government forced to set out a robust set of requirements for companies more than two years ago.

Under the Network and Information Systems (NIS) directive, energy companies could be fined £17 million for failing to take effective action to prevent cyber attacks and breaches.

The measures followed an NCSC report from 2017 suggesting that state-backed hackers had targeted the IT systems responsible for controlling crucial arms of the country’s utilities.

A significant wave of activity registered in June of that year, for example, bore a striking resemblance to the infamous attacks against portions of the Ukrainian power grid in 2016, which plunged hundreds of thousands of people into darkness.

Keumars Afifi-Sabet
Features Editor
