UK Power Grid Biz Suffers Outage After Cyber-Attack

A UK power grid company has suffered a possible ransomware attack, although electricity supply to homes has not been affected.

Elexon administers a crucial part of the power supply chain, known as the Balancing and Settlement Code (BSC), with customers including the country’s suppliers, generators, distributors, traders, and energy importers and exporters.

The firm takes over one million meter readings everyday to compare what generators and suppliers say they will produce or consume with actual volumes, before calculating a price for the difference and transferring funds accordingly.

At nearly midday local time yesterday the firm posted an alert claiming its internal IT systems had been impacted by a cyber-attack.

“BSC Central Systems and EMR are currently unaffected and working as normal. The attack is to our internal IT systems and ELEXON’s laptops only. We are currently working hard to resolve this. However please be aware that at the moment we are unable to send or receive any emails,” the notice read.

A further message nearly four hours later revealed that the firm had “identified the root cause and we are taking steps to restore our internal IT systems.”

The National Grid took to Twitter to reassure customers about electricity supply.

“We’re aware of a cyber-attack on Elexon’s internal IT systems,” it noted. “We’re investigating any potential impact on our own IT networks. Electricity supply is not affected. We have robust cybersecurity measures across our IT and operational infrastructure to protect against cyber-threats.”

Although yet to be confirmed, the downtime to internal systems would seem to suggest a ransomware attack, although there are other possibilities.

The power grid, like other parts of critical national infrastructure (CNI), has come under increasing scrutiny from nation state actors in recent years, especially Kremlin-backed hackers.

Back in 2017, NCSC boss Ciaran Martin warned of Russian attacks on UK media, telecoms and energy sectors as part of its bid to “undermine the international system.”

Earlier this month Donald Trump declared a national emergency over the threat of foreign adversaries launching crippling cyber-attacks against the US power grid.

What’s Hot on Infosecurity Magazine?