National Grid, the UK electricity and gas utility company, also operating in New York and Massachusetts, is advertising a million-pound vacancy for a cyber specialist to set ‘honeypots’ in its network systems to wrongfoot hackers and misdirect incoming attacks on critical energy infrastructure. The contract suggests it is looking to place “false documents” to lure hackers into controlled environments to be observed and blocked, according to reports.
The story, which appeared in The Daily Telegraph, and subsequently in various trade publications, notes the rise in major attacks on global national infrastructure, including devastating attacks on the Colonial Pipeline in the US and the Irish Health Executive in Ireland, both in 2021. S&P Global Market Intelligence says cyber attacks on energy and commodities infrastructure spiked last year, since the fall-out of the Russia-Ukraine war.
Almost a third (13 out of 45) cyber incidents in the energy sector since 2017 took place in the first half of 2022, it calculates. Anecdotally, the Center for Strategic and International Studies features a list of cyber attacks on national infrastructure, more generally, which says there were 11 major incidents in July 2023, nine in June 2023, six in May, and 11 in April. National infrastructure operators are concerned that creeping digitisation, with more pervasive wireless networks driving IoT-connected assets, is opening up attack vectors and vulnerabilities to hostile actors.
A well-timed public relations offensive from UK-based IoT MVNO Wireless Logic seized on the news (ad placement) from National Grid, to declare that “hostile states are attacking critical energy infrastructure, particularly as the sector is becoming more digitised”. It said: “An attack on energy infrastructure can cause havoc to the whole of the UK, so it is essential that energy suppliers are able to detect and react to these attacks as quickly as possible.”
The firm noted energy infrastructure “relies on cellular connectivity” to transmit data so that companies can monitor and control devices in remote locations, track performance, and act on alerts. In an extended response, Iain Davidson, senior product manager at Wireless Logic, said: “As new and additional devices are deployed, they could present more pathways for potential cyberattacks. That is a significant risk.
“Safeguards are needed to protect against unauthorised access to devices, networks, management platforms and cloud infrastructure. Weaknesses in any of these is a security problem. Given the ever-present threat of cyberattacks, connectivity providers play a fundamental role in securing the connections of energy infrastructure. The only way to mitigate the threat to infrastructure is to build security into every stage of product and process design.”
He went on: “Comprehensive security… should include secure communication, resilience against outages, software updates, data security policies and regulatory compliance… Companies must have device monitoring in place and analyse their network traffic… [They] must… have automated countermeasures in place… That said, [they] must also rehearse. There is no substitute for it. It prepares companies to take swift action should they need to.”
