UK Power Grid Administrator Elexon Struck By Cyber-Attack

Elexon, a key part of the UK’s power grid supply chain, has been hit by a suspected cyber-attack.

The incident on Thursday 14 May is only said to have impacted the firm’s internal IT systems and didn’t have any bearing on the nation’s electricity supply.

Elexon plays a vital role in Britain’s electricity trading market by overseeing the payment process between power generators and National Grid ESO.

It administers the Balancing and Settlement Code (BSC), a complex mechanism that monitors the amount of power generated by energy companies and whether it matches what National Grid expects to receive, ensuring they get paid the correct amount.

As part of the process, Elexon takes more than one million meter readings a day, using the information to calculate whether the power generation companies owe the grid for undersupply or whether the network needs to pay them for requiring less electricity than forecast. It also administers the payments, transferring funds between the various parties.

In addition, the firm also handles Electricity Market Reform (EMR) and capacity market payments used to keep the grid balanced.

Elexon Confirms The Breach

In a statement, the firm admitted that its internal IT systems and laptops had been hit by the hack, leaving it unable to send or receive any emails. Elexon claimed to have identified the problem within a few hours and was “taking steps to restore our IT systems”.

However, the systems for administering BSC and EMR weren’t hit.

Our internal IT systems have been impacted by a cyber-attack. BSC Central Systems and EMR are currently unaffected. Please note that we are currently unable to send or receive any emails. See more information here: https://t.co/yMgj5PF8PT. Apologies for any inconvenience.

— ELEXON UK (@ELEXONUK) May 14, 2020

System operator National Grid ESO was aware of the incident but stressed the attack hadn’t come close to compromising the security of supplies.

We’re aware of a cyber attack on ELEXON’s internal IT systems. We’re investigating any potential impact on our own IT networks. Electricity supply is not affected. We have robust cybersecurity measures across our IT and operational infrastructure to protect against cyber threats. https://t.co/7R2NeIB57l

— National Grid ESO (@ng_eso) May 14, 2020

The breach comes just a few weeks following a ransomware attack on utility company Energias de Portugal (EDP). Hackers stole 10 terabytes of sensitive data and demanded nearly $11 million to stop selling or publishing the information.

Fears are growing that the ongoing coronavirus pandemic is making critical infrastructure such as electricity networks an even bigger target than usual for cyber-criminals.