NCSC Alert: British Journalists & Politicians Are Hacking Targets

Uploaded on 2023-01-26 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-Russia, INTELLIGENCE-Hot Spots-Iran, GOVERNMENT-National, FREE TO VIEW

Russian and Iranian government-linked hackers are focusing on British politicians, journalists and researchers with the aim to get access to their email accounts.

Britain's National Cyber Security Centre (NCSC) has now published an alert about two groups from Russia and Iran, warning those in government, defence, thinktanks and the media against clicking on malicious links from people posing as conference hosts, journalists or even colleagues. Researchers say that the hackers target their victims,  impersonating people known to them using fake email addresses and social media profiles.

NCSC Director of Operations, Paul Chichester, said “The UK is committed to exposing malicious cyber activity alongside our industry partners and this advisory raises awareness of the persistent threat posed by spear-phishing attacks... These campaigns by threat actors based in Russia and Iran continue to ruthlessly pursue their targets in an attempt to steal online credentials and compromise potentially sensitive systems.

“We strongly encourage organisations and individuals to remain vigilant to potential approaches and follow the mitigation advice in the advisory to protect themselves online.”

The Russian group is thought to be Cold River, which is also known as Callisto and Seaborgium, which hacked nuclear research operations in the US and they leaked emails from ex-MI6 chief Sir Richard Dearlove. Similar methods have also been used by the Iranian based group ‘Charming Kitten’ to collect information. Independent cyber-security experts have linked the group to the nation’s Islamic Revolutionary Guard Corps, and it is alleged that it has targeted US politicians as well as critical infrastructure.

Both groups have recently increased their hacking in the UK as the war in Ukraine continues and they are also actively hacking the US and other NATO members with the aim is to steal secrets and to leak correspondence online to embarrass high-profile figures.

The hackers typically seek to gain confidence of a target by impersonating somebody likely to make contact with them, such as by falsely impersonating a journalist, and ultimately luring them to click on a malicious link, sometimes over the course of several emails and other online interactions.

Although the method is one of the oldest hacking techniques, but the NCSC say that what distinguishes the two groups is the effort made to fool their targets, including creating “fake social media or networking profiles that impersonate respected experts” and offering invitations to nonexistent conferences relevant to their targets.

Immanuel Chavoya, Senior Manager of Product Security at SonicWall commented "..The latest data shows how bad actors are getting smarter in the development of evolutionary strains and more targeted in their assaults.” 

The NCSC encourages people to use strong email passwords and one recommended technique is to use three random words, and not replicate it as a login credential on other websites. It also recommends people use two-factor authentication, using a mobile phone as part of the log on process, ideally by using a special authenticator app.

Organisations and their employees should be particularly careful when receiving plausible sounding messages from strangers who rely on Gmail, Yahoo, Outlook or other webmail accounts, sometimes impersonating “known contacts” of the target culled from social media. 

The NCSC recommends that if individuals or organisations in the identified sectors recognise the specific and targeted activity described in the advisory, they should report it to them.

NCSC:      Guardian:    BBC:   WION:   FirstPost:   The Times:    AA

You Might Also Read: 

Cyber Threats & Nuclear Fears:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Preventing Ransomware Attacks Begins With You
Will The Insider Threat Intensify During The Recession? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Brookings Institution

Brookings Institution

The Brookings Institution is a nonprofit public policy organization. Cyber security is covered within the various study areas.

Snow Software

Snow Software

Snow Software is changing the way organizations think about their technology investments, empowering IT and business leaders to drive transformation with precision and agility.

Deutsche Cyber-Sicherheitsorganisation (DCSO)

Deutsche Cyber-Sicherheitsorganisation (DCSO)

DCSO is an IT security specialist with a focus in three areas - technology management, managed security services, security consulting and auditing.

Korea Information Security Industry Association (KISIA)

Korea Information Security Industry Association (KISIA)

KISIA is a non-profit organization for the information security industry in Korea.

WizNucleus

WizNucleus

WizNucleus develops, markets and supports a software platform (Cyberwiz-Pro) that enables Critical Infrastructure enterprises to ensure the future state of their cybersecurity and remain compliant.

National Cyber Security Centre (NCSC) - Ireland

National Cyber Security Centre (NCSC) - Ireland

The National Cyber Security Centre (NCSC) is the operational side of the Department of Communications in regard to network and information security in the Republic of Ireland.

IoTsploit

IoTsploit

IoTsploit provides 20/20 visibility of network connections, protecting critical infrastructure assets from IoT vulnerabilities.

SWAT Systems

SWAT Systems

SWAT Systems is an IT support and cyber security managed service provider.

Granted Consultancy

Granted Consultancy

Granted Consultancy is a business consultancy that specialises in securing funding to support companies with the development and commercialisation of new and innovative products and technologies.

Network Center Inc (NCI)

Network Center Inc (NCI)

NCI is one of the largest IT solution providers in the Midwest. We specialize in industry specific technology solutions, service, support, and expertise for small to enterprise businesses.

International Association of Security Awareness Professionals (IASAP)

International Association of Security Awareness Professionals (IASAP)

IASAP provides a members-only virtual sharing platform where security awareness professionals engage in a lively, year-round exchange of information and ideas.

Dark Intelligence

Dark Intelligence

Dark Intelligence, created by Protective Intelligence, is the world’s first independent Dark Web Security Operations Centre.

Bitbone

Bitbone

Bitbone develop IT infrastructure and IT security solutions that create long-term value.

HADESS

HADESS

We are "Hadess", a group of cyber security experts and white hat hackers.

SecureTeam

SecureTeam

SecureTeam are a UK-based information security practice, specialising in all areas of cybersecurity.

Fulcrum Technology Solutions

Fulcrum Technology Solutions

The Fulcrum team of technologists are recognized experts in the fields of IT Infrastructure Technology, Security, Service Management and Support.