View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

High Voltage Attack: EU’s Power Grid Organisation Hit by Hackers

"Solving grid cybersecurity issues is really complex rocket science"

By CBR Staff Writer

The organisation responsible for overseeing the operations of Europe’s high voltage power infrastructure has been hacked.

ENTSO-E, formed in 2008, represents 42 Transmission System Operators (TSOs) across 35 member states.

TSOs run high voltage power networks, providing grid access to customers including generators and distributors.

They are central to keeping the lights on across Europe, and regulatory attention has increasingly focussed on their cybersecurity.

The organisation said tersely on March 9 that it had “recently found evidence of a successful cyber intrusion into its office network.”

ENTSO-E’s role includes “coordinating measures for protection of critical infrastructure” and “developing and maintaining communication infrastructure” including a real-time data exchange communication network.

ENTSO-E’s own Secretary General Laurent Schmitt in January noted that “solving grid cybersecurity issues is really complex rocket science requiring to develop [sic] cross functional collaboration.”

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

EU Power Grid Organisation Hacked: “No Operational TSO Systems Connected”

“It is important to note that the ENTSO-E office network is not connected to any operational TSO system”, ENTSO-E said this week.

“Our TSO members have been informed and we continue to monitor and assess the situation. A risk assessment has been performed and contingency plans are now in place to reduce the risk and impact of any further attacks”.

The organisation did not share details on the intrusion type or initial vector.

Finland’s TSO Fingrid said: “As a result of this security attack, the issuing time for the EIC codes issued by Fingrid may be longer than usual.”

(EIC codes are 16-character code used in Europe to identify entities participating in cross-border electricity and gas trading).

“The incident only affects file exchange policies between Fingrid and ENTSO-E”, Fingrid added.

A Tasty Target?

ENTSO-E would no doubt make an enticing target for an organisation seeking market intelligence, as well potentially hostile reconnaissance.

Security firm Dragos noted that attackers have previously targeted trusted connections between vendors, contractors, and other entities and ultimate targets.

It said: “[Such organisations do not] manage or control any industrial assets but are linked to various ICS entities for regulatory or similar reasons.

“Based on this connection, a successful intrusion at one of the victim entities could be leveraged to facilitate follow-on access or exploitation at supported utility organizations.”

The EU’s own European Network for Cyber Security (ENCS) has emphasised that “TSOs run some of the most critical of critical infrastructure, transmitting power across distances and borders and keeping grids balanced.

“If they were compromised by a cyber attack, a lot of people would find themselves in the dark.”

See also: New Intel CPU Vulnerability: Is “Load Value Injection” a Real Threat?

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.