Iranian and Russian hackers are “ruthlessly” targeting British journalists and politicians for sensitive data, Britain’s National Cyber Security Center warned on Thursday. The NCSC, attached to the British intelligence and security agency, raised the alarm by highlighting in a press release the increase in hacking attempts directed at certain people and organizations.
“These campaigns by Russian and Iranian-based actors continue to ruthlessly pursue their targets to steal online credentials and compromise potentially sensitive systems,” said Paul Chichester, an NCSC official. The press release mentions in particular the Russia-based SEABORGIUM and Iran-based TA453 groups, linked to the Revolutionary Guard. While the two campaigns are separate, the two groups “use similar techniques and have similar goals.”
“The attacks are not directed at the general public, but at specific sectors, including academia, defense, government organizations, NGOs, think tanks, as well as politicians, journalists, and activists,” the NCSC notes. .
archaic methods
Spear phishing involves retrieving sensitive data by posing as a legitimate actor. If the method is as old as the Internet, the NCSC details how the aforementioned groups use meticulous outreach methods. “They create fake social media profiles to pose as respected experts, they use supposed invitations to conferences or events,” she said.
According to the NCSC, the Iranian group TA453 used the Zoom platform, arranging fake calls and then sending a malicious location to the platform’s chat bar. “We urge organizations and individuals to remain alert to possible approaches and to follow instructions to protect yourself online,” Chichester warned.
The NCSC recommends the use of strong passwords, multiple authentication, and keeping an eye on incoming emails to reduce the risk of hacking.
Source: BFM TV
