UK’s electricity organization Elexon Hacked, internal IT systems affected


Elexon faces Cyberattack on its internal IT systems, employees unable to send/receive emails

ELEXON is a private business that does comparisons on the number of electricity generators say they will produce and how much electricity suppliers say will be consumed. They also work out what the price difference is and transfer funds between parties.

The organization faces a cyberattack last week, after the attack, internal IT systems were affected heavily. Elexon reported on Thursday that it is facing a cyberattack. Elexon says its “central systems” were unaffected and that it has identified the “root cause”. Its 100+ London staff are unable to send or receive emails from official addresses.

“Malicious cyber actors are increasingly targeting unpatched Virtual Private Network vulnerabilities (including) an arbitrary code execution vulnerability in Citrix VPN appliances, known as CVE-2019-19781 [and]an arbitrary file reading vulnerability in Pulse Secure VPN servers, known as CVE-2019-11510.”

US Government agency said to Elexon yesterday

The organization takes over 1.25 million meter readings every day and handling £1.5 billion of customers’ funds each year

Elexon has not yet released an official statement to this attack. While successful network segmentation appears to have minimized the impact, market observers will be concerned at ransomware attacks creeping increasingly closer to CNI.


About Author

Be Ready for the challenge

Notify of
Inline Feedbacks
View all comments