Earlier in the year, Britain’s energy system was targeted by a cyber-attack with the attacker’s focus being on the IT infrastructure needed to run the electricity market.
Reportedly, the vital systems behind governing the electricity market were not affected. Elexon is the electricity systems administrator and the victim of said cyber-attack. Electricity generated by energy companies is carefully monitored by Elexon to ensure that this matches what the National Grid is expecting to receive and helps to ensure that the correct amount of energy is produced and paid for.
The UK’s National Cyber Security Centre announced that they had discovered a rising number of attackers exploiting the global coronavirus pandemic for varying objectives, just days before the cyber-attack against Elexon. A large portion of the surge in attacks have been reported to be targeting hospitals, healthcare systems and global health experts. A few days before the attack on the UK energy market, two of the companies involved with building emergency coronavirus hospitals were also victims of cyber-attacks.
An initial statement from Elexon stated that thanks to “robust cybersecurity measures in place” electricity supplies hadn’t been affected and they had been able to ensure a continued reliable electricity supply to the UK. They went on to say that they were “aware of a cyber intrusion on Elexon’s internal IT systems. We’re investigating the matter and any potential impact on our own IT networks,” he said.
In regard to exactly what IT systems has been affected by the attack, Elexon said that “The attack is to our internal IT systems and Elexon’s laptops only.”. They go on to make people aware that they were currently unable to send or receive emails as a result of the attack.
Later the same day, Elexon added that they had now “identified the root cause” and that they were “taking steps” to restore their internal IT systems. They also reiterated that the systems relating to the energy market were still unaffected. This cyber-attack is yet another example of the rising number of cyber-attacks being deployed against the US and UK companies.