The British National Cyber Security Center (NCSC) says Iranian and Russian hackers have launched sophisticated campaigns to steal sensitive information from UK journalists, politicians and researchers.
“The Russia-based SEABORGIUM (Callisto Group/TA446/COLDRIVER/TAG-53) and Iran-based TA453 (APT42/Charming Kitten/Yellow Garuda/ITG18) actors continue to successfully use spear-phishing attacks against targeted organisations and individuals in the UK, and other areas of interest, for information gathering activity,” the NCSC said in an advisory published on January 26.
The cyber-attacks aimed at targets in sectors such as academia, defense, government organizations, non-governmental organizations, think tanks, as well as politicians, journalists and activists, it said in a statement.
“These campaigns by threat actors based in Russia and Iran continue to ruthlessly pursue their targets in an attempt to steal online credentials and compromise potentially sensitive systems,” said Paul Chichester, NCSC Director of Operations.
“We strongly encourage organisations and individuals to remain vigilant to potential approaches and follow the mitigation advice in the advisory to protect themselves online.”
The two Iranian and Russian hacking groups are thought to be state-directed and involved in "cyber-espionage" activities, but the British agency did not blame the Russian or Iranian governments for the attacks.