U.K. electricity system administrator Elexon announced it had been hit by a cyber attack on May 14. While the attack on the U.K. power grid did not cause a disruption to the country’s electricity supply, it did impact Elexon’s internal IT systems.
“We are advising you that today that ELEXON’s internal IT systems have been impacted by a cyber attack,” Elexon said in a bulletin. “BSC Central Systems and EMR are currently unaffected and working as normal. The attack is to our internal IT systems and ELEXON’s laptops only. We are currently working hard to resolve this. However please be aware that at the moment we are unable to send or receive any emails.”
As a result of the attack Elexon employees were locked out of their emails and the company’s network, but other systems were not affected.
“Further to BSC Bulletin 335, we have now identified the root cause and we are taking steps to restore our internal IT systems,” said in a follow-up bulletin. “BSC Central Systems (and their data) and EMR remain unaffected and are continuing to work as normal.”
Elexon is responsible for administering balancing and settlement code. In this role, they also monitor the amount of electricity generated by energy companies and match this with what the National Grid expects to receive. The company serves approximately 6 million homes across the U.K. power grid.
Elexon’s parent organization is the National Grid Electricity Transmission PLC, which owns and operates the regulated electricity transmission network in England and Wales and operates high-voltage transmission networks.
“We’re aware of a cyber attack on ELEXON’s internal IT systems. We’re investigating any potential impact on our own IT networks. Electricity supply is not affected. We have robust cybersecurity measures across our IT and operational infrastructure to protect against cyber threats,” National Grid ESO, Great Britain’s electricity system operator said in a tweet.
This is the second attack on the European power grid in recent months. On March 9, the European Network of Transmission System Operators announced it had recently found evidence of a successful cyber intrusion into its office network.
“A risk assessment has been performed and contingency plans are now in place to reduce the risk and impact of any further attacks,” ENTSO-E said in a statement. “It is important to note that the ENTSO-E office network is not connected to any operational TSO system. Our TSO members have been informed and we continue to monitor and assess the situation.”
ENTSO-E is responsible for overseeing the operations of Europe’s high voltage power infrastructure. It represents 42 transmission system operators across 35 member states, including Great Britain’s National Grid ESO.
Like other power grid operators around the globe, ENTSO-E has been working to improve it’s cybersecurity efforts. In 2017 it joined the European Network for Cyber Security in signing a memorandum of understanding to develop state of the art cybersecurity regulation, practices and standards for the electricity transmission system.
The partnership was an effort to increase the resilience of Europe’s power system against cyber attacks.
“The energy landscape is in a period of rapid transition” Laurent Schmitt, Secretary General, ENTSO-E, said in a press release at the time. “One of the biggest changes is the ever-mounting cyber security challenge. We’re delighted to work with ENCS, as well as with the European agency ENISA, to help our members increase their resilience, while bringing their own very valuable contribution to the wider security conversation.”