“ELEXON” Announced Security Incident but Crucial Services Remain Up

  • ELEXON employees are unable to access their communications and email server, following a cyber-attack.
  • The firm hasn’t clarified what happened, but many believe this is the result of a ransomware attack.
  • The electric load balancing firm was very likely using an outdated and vulnerable Pulse Secure VPN installation.

ELEXON has announced a cyberattack on its internal IT systems, and they are currently in the process of resolving the issue. The electricity energy balancing company that is so crucial for the British market is now unable to receive or send emails. Still, the company’s balancing (BSC) and EMR services remain up and running. If you absolutely need to contact them, you may do so by reaching out to an externally hosted help desk at 0370 010 6950 or via email to bscservicedesk@cgi.com.

The company said on Twitter that the root cause of the IT trouble was identified, but they have not provided any clarifications on what happened. Judging by the effects, we could assume that only their email server was targeted, possibly from a catastrophic ransomware attack. Another potential cause of the loss of communications would be employees losing access to the VPN server through which they can access the firm’s internal network. This is precisely where things start to get interesting, even without ELEXON having provided actual details.

Recent scans conducted by “Bad Packets” indicated that ELEXON was using an outdated version of the Pulse Secure VPN server. The vulnerabilities that could be exploited to gain access to this server are known since last summer, thanks to the work of “Devcore” researchers. However, ELEXON was registering as vulnerable on the scans until at least March 2020. Only yesterday, we wrote about the top 10 most exploited vulnerabilities that organizations should patch immediately, and the “CVE-2019-11510” concerning the Pulse Connect Secure product was on the top for 2020. We can’t tell for sure if ELEXON was still running an outdated Pulse Secure VPN installation since the last scan coming from Bad Packers occurred over a month ago, but the pieces fit.

On a positive note, the UK may continue to enjoy electric power balancing services from ELEXON without any problems, so network segmentation has saved the day this time. However, private entities that play a critical role in the public infrastructure and control the well-being of whole nations should be complied to provide more information about what happened when security incidents occur. Finally, using outdated VPN products nine months after the discovery of the flaws and after numerous warnings coming from all directions isn’t creating a very good image for the company, no matter how you see it.


Recent Articles

50 (Out of 74) Providers Still Run VPN Servers in Hong Kong

UPDATE: We’ll continue updating this article as we receive more responses and new information from VPN providers. So please bookmark this page and check...

Get ExpressVPN 30 Days Risk-Free Trial Account on All Your Devices

ExpressVPN always has been and continues to be one of the top providers on the market. Even so, many of you would probably still...

2020 UEFA Champions League Live Stream: How to Watch Every Game, TV Schedule

Champions League is back! After months of keeping our fingers crossed, hoping that football would be back on the TV screens, it is finally...