‘Ruthless’ Iranian and Russian hackers target UK journalists and politicians

The Government has vowed to update the Britain’s cybersecurity laws amid increasing levels of cyber attacks.
Officials warn Iranian and Russian hackers have been ‘ruthlessly’ trying to steal sensitive information from British journalists and politicians (Tim Goode/PA)
PA Wire
Benjamin Cooper26 January 2023

Officials warn Iranian and Russian hackers have been “ruthlessly” trying to steal sensitive information from British journalists and politicians.

The National Cyber Security Centre (NCSC), part of GCHQ, issued a fresh alert on increased hacking attempts directed at individuals and groups, though not at members of the public.

“The Russia-based SEABORGIUM (Callisto Group/TA446/COLDRIVER/TAG-53) and Iran-based TA453 (APT42/Charming Kitten/Yellow Garuda/ITG18) actors continue to successfully use spear-phishing attacks against targeted organisations and individuals in the UK, and other areas of interest, for information gathering activity,” NCSC’s alert stated.

Targets were usually those doing research and work on Iran and Russia, the NCSC said.

It added that the hacking campaigns were separate but the alert was being issued on both due to their use of similar techniques and targets.

Spear-phishing involves hackers building trust with victims by impersonating real contacts before sending meeting invitations containing malicious code, which once clicked on, allow the hackers access to sensitive information.

NCSC’s director of operations Paul Chichester urged potential targets to use the centre’s advice to protect themselves.

He said: “The UK is committed to exposing malicious cyber activity alongside our industry partners and this advisory raises awareness of the persistent threat posed by spear-phishing attacks.

“These campaigns by threat actors based in Russia and Iran continue to ruthlessly pursue their targets in an attempt to steal online credentials and compromise potentially sensitive systems.

“We strongly encourage organisations and individuals to remain vigilant to potential approaches and follow the mitigation advice in the advisory to protect themselves online.”

The centre advised the use of strong passwords, multi-factor authentication and email vigilance including disabling mail-forwarding to reduce the risk of being hacked.

The Government has vowed to update the UK’s cybersecurity laws amid increasing levels of cyber attacks targeting critical infrastructure in countries around the world as a way of inflicting substantial damage on entire nations.

The Government said in late November the updates would be made as soon as parliamentary time allows.

At the time, the NCSC said the cyber security threat to the UK had “evolved significantly” over the past year – with 18 cybersecurity incidents requiring a nationally co-ordinated response.

Create a FREE account to continue reading

eros

Registration is a free and easy way to support our journalism.

Join our community where you can: comment on stories; sign up to newsletters; enter competitions and access content on our app.

Your email address

Must be at least 6 characters, include an upper and lower case character and a number

You must be at least 18 years old to create an account

* Required fields

Already have an account? SIGN IN

By clicking Create Account you confirm that your data has been entered correctly and you have read and agree to our Terms of use , Cookie policy and Privacy policy .

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged in