National Grid plants ‘Honeyponts’ in efforts to secure energy infrastructure - Wireless Logic comments
August 2023 by Wireless Logic
The National Grid has announced* that it will plant false documents in order to counter a surge in cyber attackers. There are growing concerns that hostile states are attacking critical energy infrastructure, particularly as the sector is becoming more digitised, making it a top target for hackers. An attack on energy infrastructure can cause havoc to the whole of the UK, so it is essential that energy suppliers are able to detect and react to these attacks as quickly as possible.
Iain Davidson, Senior Product Manager at Wireless Logic, comments on the best practices for securing energy infrastructure:
“The National Grid are setting a great example of ensuring secure energy infrastructure. However, all energy companies should ensure they are following best practices in order to detect and defend against cyber threats. Energy infrastructure relies on cellular connectivity to transmit data so that energy companies can monitor and control devices in remote locations, track performance and act on alerts. However, as new and additional devices are deployed, they could present more pathways for potential cyberattacks. That is a significant risk and safeguards are needed to protect against unauthorised access to devices, networks, management platforms and cloud infrastructure. Weaknesses in any of these is a security problem.
“Given the ever-present threat of cyberattacks, connectivity providers play a fundamental role in securing the connections of energy infrastructure. The only way to mitigate the threat to infrastructure is to build security into every stage of product and process design. Comprehensive security defends against, detects, and reacts to threats. To defend, unauthorised access to devices, cloud infrastructure and data must be prevented. It should include secure communication, resilience against outages, software updates, data security policies and regulatory compliance. To detect any breach that occurs, companies must have device monitoring in place and analyse their network traffic. To react, companies must be prepared and have automated countermeasures in place.
“All of that said, companies such as the National Grid must also rehearse. There is no substitute for it. It prepares companies to take swift action should they need to, because they have rehearsed the scenario, they know what it looks like, and they have a plan ready to implement. Rehearsal can also help identify weak areas that, if addressed, could avert a problem occurring in the first place. Only then can the government and energy companies ensure energy infrastructure is fit for now and the future.”