‘Ruthless’ Iranian and Russian hackers target UK journalists and politicians

Officials warn Iranian and Russian hackers have been “ruthlessly” trying to steal sensitive information from British journalists and politicians.

The National Cyber Security Centre (NCSC), part of GCHQ, issued a fresh alert on increased hacking attempts directed at individuals and groups, though not at members of the public.

“The Russia-based SEABORGIUM (Callisto Group/TA446/COLDRIVER/TAG-53) and Iran-based TA453 (APT42/Charming Kitten/Yellow Garuda/ITG18) actors continue to successfully use spear-phishing attacks against targeted organisations and individuals in the UK, and other areas of interest, for information gathering activity,” NCSC’s alert stated.

Targets were usually those doing research and work on Iran and Russia, the NCSC said.

It added that the hacking campaigns were separate but the alert was being issued on both due to their use of similar techniques and targets.

Spear-phishing involves hackers building trust with victims by impersonating real contacts before sending meeting invitations containing malicious code, which once clicked on, allow the hackers access to sensitive information.

NCSC’s director of operations Paul Chichester urged potential targets to use the centre’s advice to protect themselves.

He said: “The UK is committed to exposing malicious cyber activity alongside our industry partners and this advisory raises awareness of the persistent threat posed by spear-phishing attacks.

“These campaigns by threat actors based in Russia and Iran continue to ruthlessly pursue their targets in an attempt to steal online credentials and compromise potentially sensitive systems.

“We strongly encourage organisations and individuals to remain vigilant to potential approaches and follow the mitigation advice in the advisory to protect themselves online.”

The centre advised the use of strong passwords, multi-factor authentication and email vigilance including disabling mail-forwarding to reduce the risk of being hacked.

The Government has vowed to update the UK’s cybersecurity laws amid increasing levels of cyber attacks targeting critical infrastructure in countries around the world as a way of inflicting substantial damage on entire nations.

The Government said in late November the updates would be made as soon as parliamentary time allows.

At the time, the NCSC said the cyber security threat to the UK had “evolved significantly” over the past year – with 18 cybersecurity incidents requiring a nationally co-ordinated response.