Britain’s energy grid targeted by hackers

Hackers have “probably compromised” Britain’s energy grid, according to a memo from Britain’s National Cyber Security Centre (NCSC).

The newly formed subsidiary of GCHQ says it has spotted connections “from multiple UK IP addresses to infrastructure associated with advanced state-sponsored hostile threat actors, who are known to target the energy and manufacturing sectors”.

This comes from Motherboard, which obtained a copy of the document that implies direct connections are being made between computers in the UK’s energy sector and the attacker’s command-and-control apparatus.

Both the Windows data-transfer protocol SMB, and the web backbone HTTP, were used to infer the connections, Motherboard says.

The memo reads: “NCSC believes that due to the use of widespread targeting by the attacker, a number of industrial control system engineering and services organisations are likely to have been compromised.”

When approached, the NCSC neither confirmed nor denied the authenticity of the memo.

However, it did tell the BBC: “We are aware of reports of malicious cyber-activity targeting the energy sector around the globe.”

It added that the agency is liaising with its counterparts to better understand the threat and continue to manage any risks to the UK.

If genuine, the attack would make the UK the third country in the last week to note state-sponsored intrusion of its power grid.