Elexon
| Primary URL | Location | Industry |
|---|---|---|
| www[.]elexon[.]co[.]uk | Country: United Kingdom | Energy |
Profile
Elexon operates as the central market operator for the Great Britain electricity market, a role that involves administering the financial and contractual arrangements between electricity generators and suppliers. The company manages the core systems that calculate and settle payments for the power traded across the national grid, ensuring the commercial mechanisms of the UK's electricity supply chain function smoothly. Its responsibilities are confined to the wholesale market's financial settlement processes, a distinct function from the physical operation of the transmission network managed by National Grid. This positioning makes Elexon a critical, albeit non-operational, component of the nation's energy infrastructure, facilitating the economic transactions that underpin power generation and retail supply. The organisation's work is fundamental to the market's integrity, processing billions in transactions annually to ensure generators are paid and suppliers are charged accurately for the electricity produced and consumed.
The company's reliance on internal IT infrastructure was starkly highlighted by a significant cyber incident on 14 May 2020. Attackers compromised Elexon's internal IT environment, affecting employee laptops and email systems, though the separate, secured systems controlling the physical electricity transmission remained completely unaffected. The attack, assessed as ransomware, caused substantial disruption to the company's internal administrative and settlement support operations. The root cause was identified as an unpatched vulnerability, CVE-2019-11510, in an outdated Pulse Secure VPN server, a flaw that security researchers had publicly warned about for months beforehand. National Grid, the separate entity responsible for the transmission system, publicly confirmed that the incident did not and could not disrupt national power supplies, as the attacked systems were not connected to grid control. Elexon subsequently initiated a recovery process to restore its compromised internal systems. The incident underscored the specific risk to market administration functions from cyber threats targeting corporate IT rather than operational technology.
