UK issues alert over threat from cyber attackers working for Iranian state

27 September 2024, 19:04

GCHQ
GCHQ. Picture: PA

The advisory said attackers are using social engineering techniques to gain access to victims’ personal and business accounts online.

The UK has issued a warning about the threat from cyber attackers working on behalf of the Iranian state.

In an advisory published with US partners, the National Cyber Security Centre (NCSC) – part of GCHQ – shared details of how cyber attackers working for Iran’s Revolutionary Guard Corps (IRGC) are using social engineering techniques to gain access to victims’ personal and business accounts online.

According to the NCSC, the malicious activity is targeted at individuals with a link to Iranian and Middle Eastern affairs, including current and former senior government officials, senior think tank personnel, journalists, activists and lobbyists.

The US has also observed the targeting of people associated with domestic political campaigns.

The advisory said the attackers often impersonate contacts on email and messaging platforms, building a rapport with targets before soliciting them to share user credentials on a false email account login page.

The attackers can then gain access to the victims’ accounts, exfiltrate and delete messages and set up email forwarding rules.

This activity “poses an ongoing threat to various sectors worldwide, including the UK”, the NCSC said.

To reduce the chances of being affected, the organisation advised at-risk individuals to follow the mitigation steps in the advisory.

The NCSC also suggested following its guidance and taking advantage of its free cyber defence tools.

Paul Chichester, NCSC director of operations, said: “The spear-phishing attacks undertaken by actors working on behalf of the Iranian government pose a persistent threat to individuals with a connection to Iranian and Middle Eastern affairs.

“With our allies, we will continue to call out this malicious activity, which puts individuals’ personal and business accounts at risk, so they can take action to reduce their chances of falling victim.

“I strongly encourage those at higher risk to stay vigilant to suspicious contact and to take advantage of the NCSC’s free cyber defence tools to help protect themselves from compromise.”

By Press Association

More Technology News

See more More Technology News

Google screen

Google brings more AI to search engine in ‘significant’ update

UK Information Commissioner John Edwards

Accountability comes in many forms – Information Commissioner

The ChatGPT website

OpenAI raises £5 billion in largest ever funding round

A woman using a laptop as she holds a bank card

Meta partners with UK banks to combat fraud

The word Google in white on dark glass at the company's offices

Google breached TV company trademark through YouTube Shorts service, court told

The Vodafone logo on a smartphone

Vodafone and Three UK promise £10-a-month price cap for some mobile deals

An Asda store

Asda apologises after stores open later than planned due to till issue

The game developer has been fighting big tech firms for years over anti-competitive behaviour on their app stores (AP)

Epic Games sues Google and Samsung over anti-competition collusion claims

A woman using a mobile phone

Nearly a quarter of adults feel digitally excluded, survey finds

Minister for Justice Helen McEntee

Internet companies could face huge fines over content glorifying terrorism

An Amazon sign at the fulfillment centre in Hemel Hempstead, Hertfordshire

Competition regulator clears Amazon’s partnership with AI firm Anthropic

Meta logo on sign outside building

Meta fined 91m euro over password breach

Revolut, Chase and Modulr have agreed to join the 159 short-code phone service that people can call to speak to their bank when they are worried about a potential scam (Yui Mok/PA)

Revolut, Chase and Modulr agree to join 159 anti-scam service

Network Rail ‘cyber security incident’

Man arrested after cyber vandalism hit wifi at UK’s biggest railway stations

Passengers waiting for trains at London King’s Cross Station

‘Cyber vandalism’ shuts down wifi at 19 Network Rail stations

Passengers milling about at London King's Cross

‘Cyber security incident’ hits wifi at Network Rail stations