Energy systems and networks have recently been the subject of various cyber threats, according to numerous reports in the British media.
Last weekend The Times reported that supposed hackers linked to Russia’s GRU intelligence agency had targeted Ireland’s Electricity Supply Board by using malicious software attached to email.
The incident, under investigation by Ireland’s National Cyber Security Centre, was said to have been intended to infiltrate the control systems of the country’s electricity network.
This was followed by similar reports from technology website Motherboard, which reported on documents obtained from the UK’s National Cyber Security Council that cited attempts from hackers to infiltrate sections of energy infrastructure. The document, Motherboard claimed, included details of industrial control system organisations that were likely to have already been compromised.
Cyber security has risen in importance for the energy sector in recent months, particularly due to the rising levels of digitalisation in the energy market. This has coincided with some high-profile hacking attempts such as the attempt to access parliament email accounts earlier this summer.
A study conducted by PricewaterhouseCoopers in May this year found that commercial and industrial energy users were becoming increasingly concerned by potential data breaches from utility firms, with security of supply also high on the agenda.
This was followed by European trade body SolarPower Europe including data protection and cyber security amongst its central tenet commitments to digitalisation of the energy sector.
However, speaking at a lecture held earlier this year at Imperial College London, National Grid’s director of the UK system operator Cordi O’Hara insisted the UK’s transmission system was well protected.
“We have an extensive cyber programme within National Grid. Every business will have [cyber security] within its top risk register, we’re not the only ones with complex systems and data.
“My controls are classified as critical national infrastructure so they have a support system around it that is heavily integrated with the security interests of the UK. We take that incredibly seriously to the extent that we have our own monitoring facility. The threat is increasing for all of industry, not just the operation of the network, and that’s why we have increased investment and understanding to prevent and control cyber [attacks],” she said.