Hackers breached administrative IT systems of European power grid organisation

ENTSO-E's members include 42 electric transmission industry operators across 35 European countries

European power grid organisation ENTSO-E has disclosed that its administrative IT systems were recently cracked in a cyber attack, although it has claimed that its operational transmission system operator (TSO) systems were not affected.

ENTSO-E (the European Network of Transmission Systems Operators for Electricity) is based in Brussels, Belgium and its members include 42 electric transmission industry operators across 35 European countries. ENTSO-E's main responsibility is to ensure coordination among its member TSOs to deliver steady electricity across the EU power marketplace.

In a statement, ENTSO-E said that it has found evidence of a successful cyber intrusion into its office network.

An assessment was performed following the cyber attack, and proper contingency plans were also put in place to minimise the risk of further attacks.

ENTSO-E's office network is not connected to any operational TSO system, which means that the impact of the attack was confined to only some specific IT systems, and it didn't affect critical control systems.

"Our TSO members have been informed and we continue to monitor and assess the situation," the organisation added.

ENTSO-E didn't specify when the cyber was incident noticed, and which group might be responsible for the attack.

Fingrid, the Helsinki-based TSO, told CyberScoop that the breach didn't have "any influence on Fingrid's customers or other stakeholders," although it admitted that the attack might delay release of Energy Identification Codes that are used to support trading on the European electricity market.

"The incident only affects file exchange policies between Fingrid and ENTSO-E," it added.

ENTSO-E is not the only or the first power grid organisation in the world that hackers have tried to target to disrupt the power supply.

In 2013, a Congressional report claimed that American utility providers were under constant assaults from hackers, with one electricity firm reporting 10,000 attempted cyber attacks in a single month.

In 2016, Russian hackers launched cyber attacks against Ukraine's power grid to physically damage transmissions stations and disrupt power supplies in the country. The attacks caused a quick blackout in most parts of Kyiv city.

Earlier this year, it was reported that Iran-linked threat groups had intensified password-spraying attacks to target US electric utilities following increased tension between the two countries.

In June last year, the New York Times also claimed that American Cyber Command had deployed malware into Russian power grid systems to potentially conduct cyber attacks in the event of a major conflict with Russia.