UK issues alert over threat from cyber attackers working for Iranian state

27 September 2024, 19:04

GCHQ
GCHQ. Picture: PA

The advisory said attackers are using social engineering techniques to gain access to victims’ personal and business accounts online.

The UK has issued a warning about the threat from cyber attackers working on behalf of the Iranian state.

In an advisory published with US partners, the National Cyber Security Centre (NCSC) – part of GCHQ – shared details of how cyber attackers working for Iran’s Revolutionary Guard Corps (IRGC) are using social engineering techniques to gain access to victims’ personal and business accounts online.

According to the NCSC, the malicious activity is targeted at individuals with a link to Iranian and Middle Eastern affairs, including current and former senior government officials, senior think tank personnel, journalists, activists and lobbyists.

The US has also observed the targeting of people associated with domestic political campaigns.

The advisory said the attackers often impersonate contacts on email and messaging platforms, building a rapport with targets before soliciting them to share user credentials on a false email account login page.

The attackers can then gain access to the victims’ accounts, exfiltrate and delete messages and set up email forwarding rules.

This activity “poses an ongoing threat to various sectors worldwide, including the UK”, the NCSC said.

To reduce the chances of being affected, the organisation advised at-risk individuals to follow the mitigation steps in the advisory.

The NCSC also suggested following its guidance and taking advantage of its free cyber defence tools.

Paul Chichester, NCSC director of operations, said: “The spear-phishing attacks undertaken by actors working on behalf of the Iranian government pose a persistent threat to individuals with a connection to Iranian and Middle Eastern affairs.

“With our allies, we will continue to call out this malicious activity, which puts individuals’ personal and business accounts at risk, so they can take action to reduce their chances of falling victim.

“I strongly encourage those at higher risk to stay vigilant to suspicious contact and to take advantage of the NCSC’s free cyber defence tools to help protect themselves from compromise.”

By Press Association

More Technology News

See more More Technology News

A child’s hand pressing a key of a laptop keyboard

Children will be ‘left exposed to sexual abuse online under current safety rules’

Sophie Winkleman

Sophie Winkleman calls for AI to be kept out of classrooms

DeepSeek logo on a phone

DeepSeek usage a ‘personal choice’ for public, Government says

Technology

Community Fibre broadband service restored after outage

Skyrora, a rocket company with its headquarters in Edinburgh

Scottish company promises to blast rockets into space from 2026

Lights on the front panel of a broadband internet route

Community Fibre ‘working on solution’ to broadband outage

A graphic of a robot hand touching a human hand

Experts ‘deeply concerned’ as Government agency drops focus on bias in AI

TikTok is back on US app stores.

TikTok returns to app stores in the US including Apple and Google

Peter Kyle walking past black railings holding a red folder

Rebranded AI Security Institute to drop focus on bias and free speech

A Barclays sign outside a branch

Barclays to hand share award to staff after yearly profit surges by a quarter

A bin of seized knives. A new AI tool from the University of Surrey has been unveiled which could help police forces more quickly identify and trace knives.

New AI tool to identify knives could ‘transform’ policing of knife crime

Former executive chairman of Google Eric Schmidt

Former Google boss warns of ‘extreme risk’ from terrorists posed by AI

A laptop displaying a ‘Matrix’-style screensaver

MPs: Ministers must give protections to creative sector amid AI copyright fears

French President Emmanuel Macron addresses the audience in a closing speech at the Grand Palais during the Artificial Intelligence Action Summit in Paris

Refusal to sign AI declaration was ‘based on what’s best for British people’

Someone at a computer keyboard

Airbnb issues warning over holiday scams fuelled by AI and social media

An HSBC branch

HSBC online and mobile banking working again after service outage