British politicians, journalists, and researchers are increasingly being targeted by sophisticated operations of state-linked hackers from Russia and Iran who want access to their email, according to the UK's cyber security agency.
As reported first by The Guardian, the National Cyber Security Centre (NCSC) warned persons working in government, defense, and the media not to click on harmful links from individuals acting as conference hosts or even coworkers alleging that they could come from Iranian and Russian hackers.
LONDON, ENGLAND - MARCH 24: A laptop screen displays the error message on the online recruitment section of the British Army website on March 24, 2022 in London, England. Following a reported malicious attack, the Ministry of Defence has suspended online application and support services for the British Army's Defence Recruitment System, run by the Capita business processing company.
Increased Cyber Attacks
These hackers have reportedly increased their activity in the UK due to the ongoing conflict in Ukraine and operating in the US and other member nations of the North Atlantic Treaty Organization (NATO). These groups reportedly want to steal sensitive information from prominent figures.
The threat actors from the two distinct groups, based in Russia and Iran, continue to steal online credentials and access potentially sensitive systems, according to Paul Chichester, the NCSC's operations director.
The hackers reportedly attempt to acquire the trust of a target by pretending to be someone who is likely to contact them, such as a journalist, and eventually tricking them into clicking on a malicious link through email and other means.
According to the NCSC, in one instance, the Iranian organization known as Charming Kitten conducted a phony zoom meeting with their victim and shared the infected link in the chat window during the call.
Google accused the Russian group known as Seaborgium or Cold River in 2022 of hacking the communications between Richard Dearlove, a former director of MI6, and other Brexiters who wanted to thwart Theresa May's Chequers EU departure arrangement.
The same team has been charged with targeting three nuclear research institutions in the US this year, setting up phony login sites for each organization, and emailing scientists to force them into giving their passwords, as per The Guardian's report.
Strong Email Passwords
To prevent these cyber attacks from happening, NCSC recommends the usage of strong email passwords. Utilizing three random phrases as a login credential on different websites is one method it also suggested.
Additionally, it advises users to employ two-factor authentication with the help of a specialized authenticator app on their phones.
The cyber agency also warns users to use extra caution when they receive legitimate messages from strangers using webmail accounts. These messages may even pretend to be from "known contacts" of the targeted person, according to NCSC.
Related Article: Russia vs Ukraine: FBI Warns Businesses, Local Governments of Ransomware Attacks Amid Tension in Europe
