London Honeypots Being Attacked 2000 Times Per Minute

By   Adeola Adegunwa
Writer , Informationsecuritybuzz | Feb 28, 2023 03:46 am PST

Following the discovery of 91 million threats over the course of 28 days in January, security experts have warned that remote employees in the capital of the UK are under constant cyberattacks.

In order to determine the extent of cyber-threat to businesses operating in the area, the Insurer Coalition set up a number of honeypots as part of a project with the police nonprofit Cyber Resilience Centre for London.

“In order to understand threat actors and their techniques, we deploy honeypots. Simon Bell, a UK security expert for the Coalition, compared it to using a fake car to draw car thieves.

“After the attack occurs, we can observe the cybercriminal’s search for weaknesses and their attempts to exploit them. In this test, our honeypots received IP addresses pointing to raw data centers in London.

The investigation found that the London honeypots were the focus of 2000 attempts per minute, 85% of which attempted to intercept remote desktop connections used by workers who were not in the office.

Attacks were linked to 101,000 distinct threat actors, with Russia being the main country responsible for the majority of them, followed by Bulgaria, Monaco, and Panama. The coalition was quick to point out that many threat actors use VPNs routed through other nations to conceal their true locations.

In Bell’s opinion, the research demonstrated how home working had greatly increased the corporate attack surface.

The Cyber Resilience Centre for London’s CEO, Simon Newman, welcomed the study as a fantastic opportunity to learn more about the threat environment.

This enables us to provide current advice specifically tailored for our membership base of SMEs, who comprise 99.8% of enterprises in the capital, he continued.

It also aids in highlighting the scope of the threat to the business community, which in turn supports our ability to continue our vital work through partnerships and financial assistance.

One of nine regional centers of its kind in the UK, the Cyber Resilience Centre for London is committed to lowering the cyber risk for SMEs and non-profit organizations. It cooperates with the City of London Police, the Metropolitan Police, the British Transport Police, and the Mayor’s Office for Policing and Crime.


After tracking 91 million threats over a 28-day period in January, security experts have cautioned that teleworkers in the British capital are under constant bombardment. The Insurer Coalition set up a number of honeypots as part of a project with the police-affiliated Cyber Resilience Center for London to determine the severity of cyber threats facing local businesses.

“We employ honeypots to find out more about threat actors’ techniques. Similar to employing fake cars to entice car thieves, according to Simon Bell, a UK security expert at Coalition. “After the attack has occurred, we can observe the weaknesses the hacker is seeking and the methods they use to exploit them. In this test, IP addresses for physical data centers in London were assigned to our honeypots. 2,000 attempts were made each minute on the honeypots, with 85% of these attempting to intercept remote desktop connections used by workers who were not in the office.

Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x