NCSC warns of cyber attacks from Russia and Iran

GCHQ’s National Cyber Security Centre (NCSC) is warning individuals and businesses about targeted phishing attacks from cyber actors based in Russia and Iran.

The attacks, called 'spear-phishing', involve a cybercriminal sending malicious links to specific targets—via email or other routes—in an attempt to get them to share sensitive information.

The NCSC said that throughout last year separate malicious campaigns were carried out by two groups based in Russia and Iran, to target a range of organisations and people in the UK for information-gathering purposes.

The groups are not targeting the general public; instead they are focussing on people from specific sectors, including: academia; defence; government organisations; NGOs; think-tanks; politicians; journalists; and activists.

The organisation published an advisory this week which shares details about the techniques used by attackers as well as advice to address the threat of attacks. It reveals that approaches have been made through email, social media and professional networking platforms, with attackers impersonating real-world contacts of their targets, sending false invitations to conferences and events, and sharing malicious links disguised as Zoom meeting URLs.

“These campaigns by threat actors based in Russia and Iran continue to ruthlessly pursue their targets in an attempt to steal online credentials and compromise potentially sensitive systems,” said Paul Chichester, NCSC director of operations.

Chichester strongly encouraged organisations and individuals to “remain vigilant” and follow guidance from the NCSC.

The organisation says that initial contact may appear benign, as the attack aims to build trust and a rapport with the target. After this, they will use typical phishing methods to share malicious links that can lead to credential theft.

The NCSC has called on organisations and individuals to use strong and separate passwords for email accounts, turn on multi-factor authentication, keep devices and networks up to date, enable email providers' automated email scanning features, and disable mail-forwarding.

    Share Story:

Recent Stories


The future-ready CFO: Driving strategic growth and innovation
This National Technology News webinar sponsored by Sage will explore how CFOs can leverage their unique blend of financial acumen, technological savvy, and strategic mindset to foster cross-functional collaboration and shape overall company direction. Attendees will gain insights into breaking down operational silos, aligning goals across departments like IT, operations, HR, and marketing, and utilising technology to enable real-time data sharing and visibility.

The corporate roadmap to payment excellence: Keeping pace with emerging trends to maximise growth opportunities
In today's rapidly evolving finance and accounting landscape, one of the biggest challenges organisations face is attracting and retaining top talent. As automation and AI revolutionise the profession, finance teams require new skillsets centred on analysis, collaboration, and strategic thinking to drive sustainable competitive advantage.