Concern over cyber-attacks on power stations and electricity grids is 'off the scale' in the UK energy sector, according to Steve Holliday, former chief of National Grid. He told the Guardian that no other country's energy industry is as worried about cyber threats, such as the WannaCry ransomware attack that recently hit the NHS.
Holliday attributed the heightened risk to the shift from well-protected, centralised large power stations towards decentralised power sources, including small, flexible gas plants and home solar panels. He also noted the growing number of web-connected devices in energy technology as a vulnerability.
Smart meters, being installed in every UK home by 2020, are a potential target. However, Matt Roderick, chief technology officer of the Capita-run Data Communications Company (DCC), which handles the data, insists the system is secure: 'We don’t hold personal information, we don’t see any form of sensitive data and we are not connected to the internet.'
Holliday's warning follows a 'sustained and determined' cyber-attack on UK parliament that left MPs unable to access emails. Energy UK, the industry trade body, stated that a central system logs threats to enable rapid countermeasures, adding that 'maintaining the highest level of security against cyber threats is a top priority.'
The concern extends beyond power to oil and gas. BP chairman Carl-Henric Svanberg said cyber is 'high on the agenda' and a key risk, though the company was not affected by WannaCry due to adherence to update procedures. BP's chief financial officer Brian Gilvary noted a strategy of repelling, detecting, and cleansing breaches.
A PricewaterhouseCoopers survey found that 65% of UK businesses are 'significantly concerned' about cyber risks to energy technology, with three in five likely to switch energy supplier following a breach. The issue has also been raised at global forums, including the World Energy Council's Munich conference and the Scottish parliament.



