Skip to main content

NCSC Advisory January 2023 - Warns Politicians & Journalists against Russian & Iranian Hackers

STATE ACTORS: NCSC warns Politicians & Journalists against Russian & Iranian Hackers
Syndicated by Iain Fraser - Cybersecurity Journalist
via IainFraser.net

UK cyber experts NCSC warn of targeted phishing attacks from actors based in Russia & Iran and highlights techniques used by attackers in spear-phishing campaigns. Advisory highlights ongoing threat from spear-phishing by Russia-based group SEABORGIUM and Iran-based group TA453

The advisory issued by the National Cyber Security Centre (NCSC) – a part of GCHQ – shared details about the techniques and tactics used by the attackers as well as mitigation advice to combat the continuing threat. It goes on to e advisory highlights that throughout 2022 separate malicious campaigns were conducted by Russia-based group SEABORGIUM and Iran-based group TA453, also known as APT42, to target a range of organisations and individuals in the UK and elsewhere for information-gathering purposes.

NCSC says that the attacks are not aimed at the general public but highlights details of malicious campaigns against targets of interest across specified sectors targets in specified sectors, including including academia, defence, government organisations, NGOs, think-tanks, as well as politicians, journalists and activists and has urged such entities to stay vigilant to potential approaches and take action to secure online accounts

Paul Chichester, NCSC Director of Operations, said: “The UK is committed to exposing malicious cyber activity alongside our industry partners and this advisory raises awareness of the persistent threat posed by spear-phishing attacks." He went on “These campaigns by threat actors based in Russia and Iran continue to ruthlessly pursue their targets in an attempt to steal online credentials and compromise potentially sensitive systems." “We strongly encourage organisations and individuals to remain vigilant to potential approaches and follow the mitigation advice in the advisory to protect themselves online.”

This activity is typical of spear-phishing attacks, where the actor undertakes reconnaissance activity around their target to tailor their content before making an approach.Thereafter contact may initially appear benign as the attacker looks to gain targets’ trust and build a rapport, before using typical phishing tradecraft to share malicious links that can lead to credential theft and onward compromise.

The advisory describes how approaches have been made via email, social media and professional networking platforms, with attackers impersonating real-world contacts of their targets, sending false invitations to conferences and events, and sharing malicious links disguised as Zoom meeting URLs.

The advisory includes the following advice to mitigate the spear-phishing activity:

  • Use strong and separate passwords for your email account
  • Turn on multi-factor authentication (also known as 2-step verification, or 2SV) 
  • Protect your devices and networks by keeping them up to date
  • Exercise vigilance
  • Enable your email providers’ automated email scanning features
  • Disable mail-forwarding
The ‘Think Before You Link’ app, from the Centre for the Protection of National Infrastructure (CPNI), is also designed to help individuals identify malicious online profiles and reduce the risk of being targeted.

The NCSC is committed to raising awareness of the latest cyber threats and provides a range of practical guidance on its website to help public sector organisations, critical national infrastructure, businesses of all sizes, and individuals protect themselves online. Read the Full Advisory /... 

NCSC Advisory January 2023


Labels:
Location: Gibraltar

Comments

Post a Comment

Popular posts from this blog

CYBER BREACH: Data Breach Exposed Thousands of Pet Medical Records Including Owner Information

Tuesday, 5th December 2023 CYBER BREACH: Data Breach Exposed Thousands of Pet Medical Records Including Owner Information By Jeremiah Fowler - Website Planet  Syndicated By IainFraser.net/CYBER_Voice Daily Cyber Insights  Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to WebsitePlanet about a non-password protected database that contained over 56,000 records, including pet medical reports, DNA tests, pedigree history and other potentially sensitive information. As a long-time cyber security researcher, this is one of the most interesting discoveries I have ever encountered and a first for me.  I recently discovered a non-password protected database that contained records of thousands of dogs from around the world and included the information of their human owners. The publicly exposed cloud storage database contained a total of 56,624 documents in .PDF, .png, and .jpg formats with a total size of 25 GB. Upon further investigation, the database appeared...
Post a Comment
Learn More »

CYBERSECURITY NEWS: ECSO Launches its latest ground-breaking initiative CYBERHive

28th November 2023  CYBERSECURITY NEWS: ECSO Launches its latest ground-breaking initiative CYBERHive  Syndicated By: Iain Fraser/ Cyber PR Wire via IainFRASER.net/ CyberPRWire ECSO is delighted to announce the launch of its new, ground-breaking initiative: Cyberhive EUROPE. Cyberhive is the first-ever European marketplace co-created with- and for the European cybersecurity ecosystem, and will offer global accessibility to all Europe-headquartered cybersecurity solution providers, while also being freely accessible to end-users worldwide. Through the Cyberhive, ECSO will connect market players, promote European-made products, and ultimately strengthen the European cybersecurity market as a whole. To learn more about the Cyberhive, read below.  The second Annual CISO Meetup, organised by ECSO, starts today! Over 150 CISOs are joining us in Florence from all over Europe to engage in high-level discussions on critical cybersecurity topics. Read more below. Learn More /... ...
Post a Comment
Learn More »

CYBER THREAT INTEL: AI - UK & US Spooks publish AI Development Guidance

Tuesday, 28th November 2023 CYBER THREAT INTEL: AI - UK & US Spooks publish AI Development Guidance Posted by: Iain Fraser - Cybersecurity Journalist Gibraltar via IainFraser.net/ Daily Cyber Insights CYBER THREAT INTEL: AI - UK & US Spooks publish AI Development Guidance The UK NCSC & US CISA have joint-published what they term as "security-focused guidance" for AI & ML developers and those who leverage AI/ML with their protocols and systems.  The Publication of Guidelines for Secure AI System Development (PDF),  apply to all types of AI/ML systems, regardless of whether built from wireframe up or added as a bolt-on on third-party resources, to address issues related to AI, cybersecurity, and critical infrastructure. Devised to be used in conjunction with existing Cybersecurity, Incident Response and Cyber Risk-Management protocols. The NCSC and CISA have said “Providers should implement security controls and mitigations where possible within their mode...
Post a Comment
Learn More »