Elexon faces Cyberattack on its internal IT systems, employees unable to send/receive emails

ELEXON is a private business that does comparisons on the number of electricity generators say they will produce and how much electricity suppliers say will be consumed. They also work out what the price difference is and transfer funds between parties.

The organization faces a cyberattack last week, after the attack, internal IT systems were affected heavily. Elexon reported on Thursday that it is facing a cyberattack. Elexon says its “central systems” were unaffected and that it has identified the “root cause”. Its 100+ London staff are unable to send or receive emails from official addresses.

“Malicious cyber actors are increasingly targeting unpatched Virtual Private Network vulnerabilities (including) an arbitrary code execution vulnerability in Citrix VPN appliances, known as CVE-2019-19781 [and]an arbitrary file reading vulnerability in Pulse Secure VPN servers, known as CVE-2019-11510.”

US Government agency said to Elexon yesterday

We’re aware of a cyber attack on ELEXON’s internal IT systems. We’re investigating any potential impact on our own IT networks. Electricity supply is not affected. We have robust cybersecurity measures across our IT and operational infrastructure to protect against cyber threats. https://t.co/7R2NeIB57l

— National Grid ESO (@ng_eso) May 14, 2020

The organization takes over 1.25 million meter readings every day and handling £1.5 billion of customers’ funds each year

Elexon has not yet released an official statement to this attack. While successful network segmentation appears to have minimized the impact, market observers will be concerned at ransomware attacks creeping increasingly closer to CNI.