Energy firms 'hacked on UK election day'
'State-sponsored' cyber attackers may have harvested usernames and passwords
National spy agency GCHQ has warned energy companies that they were "likely to have been compromised" in cyber attacks on 8 June while the UK held its election, the Daily Telegraph reports, citing a leaked report.
Although there is mention of "state-sponsored" cyber attacks, GCHQ did not explicitly name the state thought to be responsible. Experts told the Telegraph they believed that "the Kremlin was behind the attack".
Water companies and the manufacturing industry may also have been compromised, the GCHQ report says. No immediate disruption was caused.
The reports come after news that Russian hackers targeted the Republic of Ireland’s energy sector last month intending to infiltrate control systems. This would have allowed them to knock out parts of the power grid in Northern Ireland, The Times reports.
Senior engineers at Ireland’s Electricity Supply Board were targeted by a group understood to have ties to the Kremlin’s GRU intelligence agency. The hackers sent emails to staff that contained malicious software, The Times says.
Motherboard, a division of Vice News that has also seen the GCHQ report, said it was issued "after the FBI and Homeland Security warned hackers had targeted US energy firms too".
Motherboard says the UK attack may have been designed not to disrupt, but to harvest usernames and passwords. "Specifically with the intrusions reported in the NCSC [National Cyber Security Centre] document, the infrastructure in organizations is connecting to a set of malicious IP addresses using SMB, a data transfer protocol, as well as HTTP," the GCHQ document said, according to Motherboard.
"The report suggests that the hackers may be trying to capture victims' passwords, and provides a set of mitigations for victims, such as turning on multi-factor authentication for industrial systems."