Cyber attack against UK power grid middleman Elexon sparks in-house IT recovery efforts
Don't worry, you can still microwave your dinner – even if this smells of ransomware
An important middleman in the UK's electrical power grid has suffered a cyber attack, though the lights are still on across good old Blighty.
Elexon, which reconciles electricity supply to the National Grid and issues bills for undersupply or oversupply, was struck by what appears to be a partially contained ransomware attack, judging by its effects on the company's operations.
"We are advising you that today that Elexon's internal IT systems have been impacted by a cyber attack," the firm said in a market update yesterday. "The attack is to our internal IT systems and Elexon's laptops only. We are currently working hard to resolve this. However please be aware that at the moment we are unable to send or receive any emails."
Elexon later added that it had identified the "root cause" and was "taking steps to restore our IT systems".
As well as its internal IT network, Elexon is responsible for the UK's Balancing and Settlement Code (BSC) and the systems underpinning that, a process explained in depth on its website. Briefly, Elexon captures data to figure out whether power generation companies owe extra to National Grid for undersupplying at key times or whether the grid owes them cash for requiring less electricity than forecast.
A complex and vital market mechanism, any failure in the BSC would cause severe headaches for accountants trying to reconcile their figures. The financial side of the UK's electricity market is, however, well insulated from the wiggly amps making their way along the nation's cables.
The National Grid said in a Twitter post addressing Elexon's outage: "Electricity supply is not affected. We have robust cybersecurity measures across our IT and operational infrastructure to protect against cyber threats."
Infosec specialist Jake Moore of antivirus firm ESET mused in a statement: "With all the hallmarks of ransomware, I would imagine they are in a dilemma as to if or how to pay. Obviously I would never recommend paying a ransom, but these days more and more companies are forced to pay to speed up the process of getting back to business as usual. However, this can be extremely costly to an organisation and it still doesn't confirm the data will be restored."
Problems with the National Grid tend to immediately grab public attention, and for good reason. Fluctuations in grid frequency, for example, can have earth-shattering – nay, train-halting – effects, as rail operator Thameslink found out the hard way in 2019, when almost its entire fleet of Siemens Desiro City trains sat down after the grid frequency dropped to 48.8Hz instead of its nominal 50.0Hz frequency, following a lightning strike. ®