‘Ruthless’ Iranian and Russian hackers target UK journalists and politicians
The Government has vowed to update the Britain’s cybersecurity laws amid increasing levels of cyber attacks.
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Officials warn Iranian and Russian hackers have been “ruthlessly” trying to steal sensitive information from British journalists and politicians.
The National Cyber Security Centre (NCSC), part of GCHQ, issued a fresh alert on increased hacking attempts directed at individuals and groups, though not at members of the public.
“The Russia-based SEABORGIUM (Callisto Group/TA446/COLDRIVER/TAG-53) and Iran-based TA453 (APT42/Charming Kitten/Yellow Garuda/ITG18) actors continue to successfully use spear-phishing attacks against targeted organisations and individuals in the UK, and other areas of interest, for information gathering activity,” NCSC’s alert stated.
Targets were usually those doing research and work on Iran and Russia, the NCSC said.
It added that the hacking campaigns were separate but the alert was being issued on both due to their use of similar techniques and targets.
Spear-phishing involves hackers building trust with victims by impersonating real contacts before sending meeting invitations containing malicious code, which once clicked on, allow the hackers access to sensitive information.
NCSC’s director of operations Paul Chichester urged potential targets to use the centre’s advice to protect themselves.
He said: “The UK is committed to exposing malicious cyber activity alongside our industry partners and this advisory raises awareness of the persistent threat posed by spear-phishing attacks.
“These campaigns by threat actors based in Russia and Iran continue to ruthlessly pursue their targets in an attempt to steal online credentials and compromise potentially sensitive systems.
“We strongly encourage organisations and individuals to remain vigilant to potential approaches and follow the mitigation advice in the advisory to protect themselves online.”
The centre advised the use of strong passwords, multi-factor authentication and email vigilance including disabling mail-forwarding to reduce the risk of being hacked.
The Government has vowed to update the UK’s cybersecurity laws amid increasing levels of cyber attacks targeting critical infrastructure in countries around the world as a way of inflicting substantial damage on entire nations.
The Government said in late November the updates would be made as soon as parliamentary time allows.
At the time, the NCSC said the cyber security threat to the UK had “evolved significantly” over the past year – with 18 cybersecurity incidents requiring a nationally co-ordinated response.