The National Cyber Security Centre has published new advice for organisations on how to avoid malicious cyber campaigns in light of phishing attacks from Russia and Iran.
Part of GCHQ, the NCSC has published an advisory from some of the UK’s best cyber experts highlighting campaigns by Russia-based group SEABORGIUM and Iran-based group TA453 or APT42 that ran throughout 2022, though the two groups are not connected.
NCSC Director of Operations, Paul Chichester, said: ‘These campaigns by threat actors based in Russia and Iran continue to ruthlessly pursue their targets in an attempt to steal online credentials and compromise potentially sensitive systems.’
He added: ‘The UK is committed to exposing malicious cyber activity alongside our industry partners and this advisory raises awareness of the persistent threat posed by spear-phishing attacks.’
Spear-phishing scheme involve an attacker sending malicious links that seek to obtain sensitive information from specific targets with the recent attacks being aimed at specific figures and sectors including defence, NGOs, government organisations, politicians and journalists.
Advice mentioned in the publication includes turning on multi-factor authentication, disabling mail-forwarding and enabling automated email scanning features.
The advisory also explains how the scams can work and the various approaches that would be attackers may make, including through social media and professional networking platforms. Some attackers also impersonate real-world contacts with false invitations and links disguised as Zoom meeting URLs.
Mr Chichester said: ‘We strongly encourage organisations and individuals to remain vigilant to potential approaches and follow the mitigation advice in the advisory to protect themselves online.’
Individuals and organisations who recognise the patterns of activity listed in the advisory are also encouraged to report it to the NCSC through their website.
You can read the NCSC’s full advisory on their website here.
A survey from the Department for Digital, Culture, Media and Sport found that a large majority of bigger charities and businesses had experienced a cyber security incident in the last twelve months.
Photo by Brett Jordan
Leave a Reply