The energy sector in the UK has likely been targeted by “state-sponsored” hackers, a leaked report issued by GCHQ’s National Cyber Security Centre (NCSC) has warned.
Some control systems may have already been “compromised”, according to the document, which was passed on to the tech publication Motherboard by an industry source.
“The NCSC is aware of connections from multiple UK IP addresses to infrastructure associated with advanced state-sponsored hostile threat actors, who are known to target the energy and manufacturing sectors,” it reportedly states.
“NCSC believes that due to the use of wide-spread targeting by the attacker, a number of industrial control system engineering and services organisations are likely to have been compromised.”
The document says the organisations form part of the supply chain for critical national infrastructure and that some probably have remote access to key systems. The wave of suspected attacks began on 8 June and may have targeted the water sector as well.
The news comes after the Times reported last week that group of hackers linked to Russia’s GRU intelligence agency had attempted to infiltrate energy control systems in the Republic of Ireland.
Emails containing malicious software were sent to senior engineers at the state-owned energy firm ESB. Security experts told the paper that although there was no evidence of disruption to the power grid in Ireland, the attackers had probably obtained important information including engineers’ passwords.