• United States



UK Editor

UK National Grid plans to use honeypots to lure attackers, improve defences

Aug 31, 20233 mins
Critical InfrastructureNetwork Security

The critical infrastructure provider is looking for a security expert to help it set honeypots and plant false documents that appear valuable to attackers.

electrical infrastructure
Credit: Shutterstock

The UK's National Grid has revealed plans to use honeypots to catch attackers and improve its defences. The utilities provider, responsible for running the UK's gas and electricity networks, posted a contract worth more than ?1 million for a security expert to help it set honeypots and plant false documents that appear valuable to attackers online. The intent is to lure potential attackers into a controlled environment, so the National Grid can observe them and then block them from its systems.

A spokesperson for energy regulator Ofgem told The Telegraph that suppliers face new responsibilities under the recently updated Network and Information Systems Regulations. "We take cybersecurity incredibly seriously and work closely with energy suppliers to ensure they are doing everything they can to protect their systems and comply with their responsibilities."

UK CNI facing increasing cyber threats

This comes amid increasing cyber threats posed to UK critical national infrastructure (CNI), heightened by geopolitical and economic factors. In April, the UK National Cyber Security Centre (NCSC) issued an alert to CNI organisations warning of an emerging threat from state-aligned groups, particularly those sympathetic to Russia's invasion of Ukraine. The alert stated that newly emerged groups could launch "destructive and disruptive attacks" with less predictable consequences than those of traditional cybercriminals, with CNI organisations strongly encouraged to follow NCSC advice on steps to take when cyber threat is heightened.

In the same month, research by UK cybersecurity services firm Bridewell indicated that cost-of-living challenges could trigger a rise in cyberattacks and security risks impacting UK CNI, with over a third (34%) of organisations across UK CNI anticipating a rise in cybercrime as a direct result of the ongoing economic crisis.

Notable UK CNI security initiatives launched in 2023

The security of critical infrastructure has been high on the global agenda in 2023, with cyberattacks and other risks posing a persistent threat to the technologies and systems relied upon for essential services such as energy, food, electricity, and healthcare.

In response, multiple initiatives, programs, guidance, and standards have been launched this year to enhance the cybersecurity of critical systems and tackle the growing risks that threaten CNI. Vendors, governments, industry bodies, and nonprofits have all contributed, with information-sharing and collaboration a key theme of many efforts to increase cyber resilience across the CNI spectrum.

UK Editor

Michael Hill is the UK editor of CSO Online. He has spent the past 8 years covering various aspects of the cybersecurity industry, with particular interest in the ever-evolving role of the human-related elements of information security. A keen storyteller with a passion for the publishing process, he enjoys working creatively to produce media that has the biggest possible impact on the audience.

More from this author