The U.K. government is one step ahead of hackers trying to turn off the country’s lights -- for now.
The prospect of cyber-attacks on the nation’s power network is a major threat to the country’s security, according to James Arbuthnot, a member of parliament who chaired the Defense Select Committee until last year. He plans to visit National Grid Plc next month to discuss the issue.
“Our National Grid is coming under cyber-attack not just day-by-day but minute-by-minute,” Arbuthnot, whose committee scrutinized the country’s security policy, told a conference in London last year. “There are, at National Grid, people of very high quality who recognize the risks that these attacks pose, and who are fighting them off,” he said, “but we can’t expect them to win forever.”
Britain’s electricity transmission network is constantly subject to cyber-attack and threats to infrastructure will remain high over the next few months, the nation’s Computer Emergency Response Team statistics show. More resources are being funneled towards combating the attempted intrusions: the Cabinet Office said on Dec. 12 it is increasing spending on its cyber-security program to 860 million pounds ($1.3 billion) from an original 650 million pounds planned over four years from 2011.
Cyber-attacks on critical infrastructure are an increasing threat across the globe, according to Moscow-based security firm Kaspersky Lab, which advises governments and businesses. Revelations of an oil pipeline explosion in Turkey orchestrated by computer in 2008 and the attack on Sony Pictures Entertainment demonstrate the increasing ability of hackers to penetrate IT systems. An attack on the grid would be uniquely destructive since the economy would cease to function without it, Arbuthnot said.
The U.S. grid was successfully hacked in November by several foreign governments -- likely Russia, Iran and China -- leaving it vulnerable to physical damage, the National Security Agency said. A report by Mountain View, California-based cyber-security company SentinelOne predicts that such attacks will disrupt American electricity in 2015.
National Grid, which also operates in the northeast U.S., declined to say whether it was one of the companies targeted in November, but works closely with the U.S. on security issues.
“We work very hard in concert with the industry, in concert with the security services in both the U.K. and the U.S. to make sure that we’ve got the protection we need in place to keep any intruders out of our networks,” National Grid Chief Executive Officer Steve Holliday said in an interview after the company’s first-half earnings. “When you run essential pieces of infrastructure, it’s very high on your agenda.”
National Grid dropped 1.1 percent to close at 922.5 pence in London trading today.
A spokesman at the Home Office, the government department that oversees the U.K.’s domestic intelligence agencies, declined to comment on how often the grid encounters cyber-attacks.
Protection of infrastructure is drawing increased attention within Britain’s security apparatus.
The U.K.’s Government Communications Headquarters, or GCHQ, one of the main bodies responsible for preventing and responding to cyber-attacks, will be expanding a program to share cyber-crime intelligence in the coming year, the Cabinet Office said in a briefing on the third anniversary of its cyber-security strategy in London.
Threats to the grid have “probably gone from a low level to now taking up much of the time” of GCHQ, Charlie Edwards, national security and resilience director at the Royal United Services Institute said in an interview in London. Energy companies face an “ongoing, constant, relentless war,” he said.
Security experts said last year that measures to make the electricity grid greener are boosting its vulnerability to computer hacking since new wind farms, solar panels and smart meters mean there are additional portals to be breached.
“The energy grid today is vulnerable from all degrees,” Slava Borilin, critical infrastructure business manager at Kaspersky, said in an e-mail. “Its electricity production is under threat of interruption and down-time from breaches of industrial control systems.”
A number of countries and non-state actors may be trying to hack U.K. infrastructure.
Intrusions from China and Russia are probably “espionage and not destructive, which is not to say that they couldn’t use the information in the future,” Royal United Services Institute cyber-security expert Robert Pritchard said in a telephone interview from London.
China could be perusing the grid via cyber-attack in order to steal U.K. techniques, “but for countries like North Korea, actually causing some disruption is something worth doing,” he said. The U.S. government has alleged North Korea is responsible for hacking Sony.
The most successful types of hacks -- which are probably those that infiltrated the U.S. grid -- get into the core of the system while remaining undetected, said David Livingstone, Chatham House international security fellow.
Criminals are recruited on the dark web and disappear after the hack is complete, he said. They could be anyone from eco-terrorists trying to shut down a nuclear power station to nation-states storing information for future use.
“Espionage is in many cases just a preparation stage for sabotage,” Borilin said. “The high rate of advanced persistent threats found in all infrastructure sectors will lead more and more to their conversion into destructive weapons -- a trend we’re seeing already.”