Blog by Chris Flynn, Arcanum Cyber Security Consultant.
The cyber-attack on Elexon this week should serve as a warning to the UK’s critical national infrastructure (CNI). It has been noted by thinktank RUSI that cyber-attacks have been on the rise during the CoViD-19 pandemic – we must remain vigilant. [1]
Elexon provides a financial services role to the UK electricity market. They are seen to be a key ally to the National Grid and reportedly manage around £1.7 Billion worth of transactions per year [2]. The company matches supply to demand, thereby enabling payments between electricity producers/generators and electricity suppliers.
The attack has further bolstered the USA’s stance on the threat faced by electricity-based critical national infrastructure – should the UK be adopting a similar stance? [3]
Whilst details on the attack are scant, a couple of issues are clear. Elexon has lost the use of its email system and Elexon’s internal IT has been affected. On a positive note, National Grid has stated that electricity supply is unaffected thanks to their own ‘robust cyber-security’. [4]
A similar threat vector was seen in the attacks on Ukraine’s national electricity production and distribution systems in the Sandworm attacks. These attacks utilised stolen NSA hacking tools and a widely-used financial system to spread malware to Ukraine’s CNI [5]. The attacks had a significant effect on Ukraine and were widely attributed to Russian-state actors.
With scant information available about the actual vector used to breach Elexon’s systems, we should view the attack as a warning shot across our bows. A cyber-attack is never far away and can lead to operational closures, reputational damage, and financial hardship.
Where CNI is concerned we must focus on the NCSC’s principles set out in the Cyber Assessment Framework (CAF) [6]. Proper policy, backed by robust administrative, physical and technical controls will assist the UK in keeping the lights on.
As a National Cyber Security Centre (NCSC) Certified Consultancy, Arcanum has significant experience of CAF Assessments and implementing proper practices to help protect UK CNI. We have a team of expert cyber security consultants on hand to support you.
Please note Arcanum Cyber Security are still fully operational.
Get in touch with Arcanum by phone: 01558 669140 or email: admin@arcanum-cyber.com
Sources:
[1] Rusi.org
[2] The Telegraph
[3] Reuters
[4] National Grid Twitter statement
[5] Wired.com
[6] ncsc.gov.uk