18 June 2020

Britain’s energy system fell victim to a cyberattack targeting the IT infrastructure used to run the electricity market.

The system’s administrator, Elexon, confirmed that it was affected by a cyberattack Thursday, May 14th but that the key systems used to govern the electricity market were unaffected.

National Grid is investigating whether the attack could affect the part of its business tasked with keeping the lights on. A spokesman for the energy system operator said electricity supplies had not been affected,andtherewere“robustcybersecurity measures in place” to make sure the UK continues to receive reliable electricity. We’re aware of a cyber intrusion on Elexon’s internal IT systems. We’re investigating the matter and any potential impact on our own IT networks,” he said.

Overseeing the payments in the energy market that exists between UK power station operators and the companies that provide the electricity supply to consumers and business- es alike, Elexon plays a vital role in ensuring the lights really do stay on across the country. It does this by not only monitoring electricity generation and matching it to National Grid demand but ensuring that correct payments are made to those generating the juice. Ac- cording to The Telegraph, which broke the news of the cyberattack, that amounts to £1.7bn of transactions every year. The combination of high-value transactions with being a corepartoftheenergysupplymarketmakes companies such as Elexon a prime target for cybercriminals and nation-state hackers alike.

There has been a lot of global nervousness around energy market security recently, with US president Donald Trump declaring foreign cybersecurity threats to his country’s electricity system a national emergency in anexecutiveordersigned in May.

The attack emerged days after the UK’s National Cyber Security Centre (NCSC) identified an increasing number of “malicious cyber actors” which are exploiting the coronavirus pandemic for their own objectives.

In the same week, two companies involved in building emergency coronavirus hospitals said they were hit by cyberattacks in the month of May.

Interserve, which helped build Birmingham’s NHS Nightingale hospital and BAM Construct, delivered hospitals in Yorkshire and the Humber, both reported cyberattacks.
National Grid had made no further comment as Networking+ went to press.