Attacks and Vulnerabilities
Critical infrastructure
News
Utilities: Energy & Power, Water, Waste
Vulnerabilities

Energy One reports cyber attack on corporate systems in Australia, UK; affects UK critical infrastructure operators

August 21, 2023
Energy One reports cyber attack on corporate systems in Australia, UK; affects UK critical infrastructure operators

Energy One, an Australian supplier of software and services for the energy sector, announced that it had determined that certain corporate systems in Australia and the U.K. were affected by a cyber attack on Friday. The impact of the cybersecurity incident can affect operators of critical infrastructure across the U.K. as a result of the developing cyber attack on the systems of Energy One. 

“In response, Energy One took immediate steps to limit the impact of the incident, engaged cyber security specialists, CyberCX, and alerted the Australian Cyber Security Centre and certain UK authorities,” the company’s board chairman Andrew Bonwick disclosed in a Monday statement to the Australian Securities Exchange (ASX). “Energy One’s top priorities are the safety and security of its people, its customers, and its systems.”

Bonwick added that analysis is underway to identify which, if any, additional systems may have been affected by the cyber-attack. “As part of its work to ensure customer security, Energy One has disabled some links between its corporate and customer-facing systems. Energy One’s response to this incident, and its investigation, is continuing.” 

Furthermore, key lines of the ongoing inquiry and response include securing Energy One’s systems, establishing whether or what personal information and/or customer-facing systems have been affected, and the initial point of entry, Bonwick identified.

“Energy One will continue to provide updated information as it gains greater clarity about the incident and the likely timeframe for its resolution,” Bonwick added.

Industrial Cyber has reached out to Bonwick for more details on the cyber attack, including, if any, OT (operational technology) systems have been compromised. 

With local offices serving the wholesale energy markets of Asia-Pacific, Europe, and the U.K., the company provides a variety of software solutions and services for physical, contract, and derivative energy trading and logistics.

News reports identified that some of the firm’s U.K. customers include Good Energy, a southwest England-based renewable supplier, which uses Energy One’s enTrader service to manage its Energy Contract Volume Notifications (ECVNs); SSE, which supplies gas and electricity to seven million homes and has been using Energy One’s enVoy communications framework to interface for electronic data transfers with the National Grid; and renewables specialist Yorkshire Gas and Power.

There is no suggestion or evidence at this stage to suggest that any of these firms have been affected by the incident.

The Energy One cyber attack comes as the six-month transition grace period for the Australian Critical Infrastructure Risk Management Program (CIRMP) obligation has ended. Owners and operators of critical infrastructure in Australia are now obligated to establish a risk management program in order to satisfy the CIRMP prerequisites. The countdown has begun for the upcoming deadlines: August 18, 2024, by which the cybersecurity framework criteria must be met, followed by the submission of the inaugural Board-approved annual report no later than September 28, 2024.

In May, the U.K.’s National Cyber Security Centre (NCSC) issued an alert to critical national infrastructure (CNI) organizations warning of an emerging threat from state-aligned groups. The threat comes particularly from state-aligned groups sympathetic to Russia’s invasion of Ukraine and has emerged over the past 18 months.

The NCSC also revealed that some groups have stated an intent to launch ‘destructive and disruptive attacks’ and that CNI organizations should ensure they have taken steps outlined in the NCSC’s heightened threat guidance to strengthen their defenses.

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Securing cloud, IIoT in Industry 4.0 emerges crucial for protecting industrial operations across OT/ICS environments
Securing cloud, IIoT in Industry 4.0 emerges crucial for protecting industrial operations across OT/ICS environments
Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures
MITRE's CREF Navigator aligns with DoD's CMMC to boost cyber resilience in defense industrial base
MITRE’s CREF Navigator aligns with DoD’s CMMC to boost cyber resilience in defense industrial base
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
ASIS Foundation reports on impact of autonomous vehicles on security and technology
ASIS Foundation reports on impact of autonomous vehicles on security and technology
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
RMC
Risk Mitigation Consulting acquires Securicon, boosting cybersecurity and mission assurance offerings