Authorities warn that Iranian and Russian hackers are trying to “brutally” steal sensitive information from British journalists and politicians.
The National Cyber Security Center (NCSC), part of GCHQ, has issued a new warning about the increasing number of hacking attempts aimed at individuals and groups, if not the public.
“Russia-based SEABORGIUM (Callisto Group/TA446/COLDRIVER/TAG-53) and Iran-based TA453 (APT42/Charming Kitten/Yellow Garuda/ITG18) actors continue to successfully use targeted phishing attacks against targeted organizations and individuals. UK and other areas of interest for information gathering activity,” the NCSC’s warning stated.
The NCSC said targets are usually people who research and work on Iran and Russia.
He added that the offensive campaigns are separate, but both have been given warnings because they use similar techniques and targets.
Spear-phishing involves hackers building trust with victims by impersonating real people before sending meeting invitations that, once clicked, contain malicious code that allows hackers to access sensitive information.
Paul Chichester, NCSC’s director of operations, urged potential targets to use the center’s recommendations to protect themselves.
“The UK is committed to exposing malicious cyber activity, together with our industry partners, and this advisory raises awareness of the persistent threat posed by spear phishing attacks.
“These campaigns of threat actors based in Russia and Iran relentlessly pursue their targets with the aim of stealing online credentials and compromising potentially sensitive systems.
“We strongly encourage organizations and individuals to be alert to potential approaches and to follow the mitigation recommendations in the advisory to protect themselves online.”
The center recommended the use of strong passwords, multi-factor authentication and email vigilance, including disabling mail forwarding, to reduce the risk of being hacked.
The government has pledged to update the UK’s cybersecurity laws amid rising levels of cyberattacks targeting critical infrastructure in countries around the world as a way to cause significant harm to all nations.
The government said updates would be made in late November as soon as parliamentary time allows.
At the time, the NCSC said the cybersecurity threat to the UK had “improved significantly” over the past year – with 18 cybersecurity incidents requiring a nationally coordinated response.