Foreign hackers have penetrated the UK’s critical national infrastructure, including parts of the national grid, a leaked document has revealed.
The document, produced by the UK’s National Cyber Security Centre (NCSC), says the intelligence and security agencies believe attackers have compromised organisations connected to the UK grid.
The eight-page file – excerpts of which were published by Vice Motherboard – was created as part of the data-sharing efforts between government and industry spearheaded by the NCSC, a part of GCHQ.
It warns that the agency has detected signs of foreign interference within the energy sector.
“The NCSC is aware of connections from multiple UK IP addresses to infrastructure associated with advanced state-sponsored hostile threat actors, who are known to target the energy and manufacturing sectors,” it says.
It later adds: “NCSC believes that due to the use of wide-spread targeting by the attacker, a number of Industrial Control System engineering and services organisations are likely to have been compromised.”
While there is no speculation regarding the “threat actors” within the document itself, attacks on power grids have been very rare to date.
The first known successful attack directly targeting a power grid took place in Ukraine in December 2015 and resulted in the electricity supply being disrupted for 230,000 residents.
It is not yet known what the hackers who have compromised the supply chain of the UK’s power grid are able to do with their access.
There is also no established response from NATO states in regard to hackers compromising critical national infrastructure, because a compromise of a system is not quite the same as an attack on them.
The compromise itself is usually considered to be an espionage activity – it gives the “threat actor” visibility into the system and how the system works, and NATO has long considered espionage to be an acceptable state behaviour.
However, due to the control an attacker can exert once they have embedded a probe within a target system, such compromises are also the first step towards launching a physical attack.
A spokesperson for NCSC told Sky News: “We are aware of reports of malicious cyber activity targeting the energy sector around the globe.
“We are liaising with our counterparts to better understand the threat and continue to manage any risks to the UK.”