Managing the payments processing and monitoring the supply of power coming from the United Kingdom’s power station operators to power companies is Elexon. Different power companies provide the electricity supply for consumers and businesses in the UK, and Elexon is there to make sure that all the lights are “ON” all the time. Elexon accurately monitors the flow of electricity against the National Grid and making sure that the correct payments are made to companies generating the actual power.
Such activities, according to security researchers, amount to annual revenue of almost £2 billion. High-value money transactions and Elexon’s economic role and impact on the energy supply and distribution market is perhaps what makes it a hot target for cybercriminals and hackers from all over.
This attack was discovered just a few days after the National Cyber Security Centre in the UK tackled the increasing number of ransomware and hacking offenses during the coronavirus pandemic.
The investigation regarding the nature of the cyberattack is still ongoing. Still, some bits and pieces of information have been emerging since. These small bits of information are somehow giving concerned parties an idea and an emulation of the attack.
Elexon released a tweet the other day, stating that they are currently unable to access their email accounts and servers (no send/receive). Further to that, they have confirmed that their internal IT systems were affected by the cyberattack. That very same day, an announcement was made via their market portal, where they provided additional information about the attack.
The affected areas of their operations are their internal IT systems and their laptops. They have also confirmed that their BSC (Balancing and Settlement Code) and EMR (Electricity Market Reform) Payment Systems remain untouched and are working correctly.
Elexon has confirmed later in the afternoon that they have identified the root cause of the attack.
On the other hand, the National Grid’s Electricity System Operator (ESO) has immediately performed a check on their own internal IT systems and servers to identify if the attack on Elexon has any impact on them as well. But thanks to their state-of-the-art cybersecurity, no further investigation was needed. They have also tweeted – “electricity supply was not affected.”
Now the question lingers – is this a ransomware attack? – there’s been much speculation on the actual nature of the attacks against Elexon. According to cybersecurity specialists, critical infrastructures are a favorite target for cybercriminals, especially hackers.
The frequency and popularity of these kinds of attacks have been somewhat alarming, especially with the global pandemic situation that we have. With the majority of the people working remotely at home, hackers have been feasting on multiple opportunities, and security professionals are faced with the challenges of possible intrusions around remote access.
If it proves to be a ransomware attack, it might take a while before Elexon and other power companies to fully recover. And imagining the economic impact it will have on the UK, and it could be quite expensive.
The UK has condemned these series of cyberattacks, especially those that are targeting essential and critical sectors of the government and economic infrastructures. They have vowed to work with national agencies and their global allies in order to put a stop and hold those responsible – accountable.