Iran Regime Behind Cyber-Attacks on UK Infrastructure and Parliament
By Staff Writer
The Iranian Regime is being accused of committing several cyber attacks on the UK’s national infrastructure in a major assault in December, where several private sector companies, including banks and the Post Office, as well as local government networks, were hit.
Cyber security experts in California are describing the December 23 attacks, during which the personal details of thousands of employees were stolen, as an “ongoing” campaign. They concluded that a group affiliated with the Iranian Revolutionary Guard was responsible for this attack and the attack on the UK Parliament network in 2017, during which over 10,000 data records, including addresses, company positions and phone numbers, were stolen from the parliament global address lists. This included the mobile phone numbers of at least 10 peers and MPs.
Lewis Henderson, vice-president of threat intelligence at cyber security company Glasswall, warned that the data could be used to carry out a deeper attack.
He said: "As we've seen, you can do anything... influence elections, in particular. You can start to impersonate people within that government as well and be utterly convincing. The levels of trust that the global address list puts in place is completely eroded once you've lost that information, once it's out there in the hands of the attackers. We know that they could be impersonating members of our own government and starting to alter and disrupt communications."
The National Cyber Security Centre said it’s "aware of a cyber incident affecting some UK organisations in late 2018" and is "working with victims and advising on mitigation measures".
The British security services have not publically confirmed Iran's involvement, but four separate security sources believe the reports to be accurate. This is further proof that Iran is engaged in an ongoing cyber campaign against the West, following the FBI’s indictment of nine key leaders and affiliates of a group called The Mabna Institute in February 2018 on the charges of aggravated access to computer systems, wire fraud, and stealing proprietary data.
The Mabna Institute is linked to the Iranian government and its victims included roughly:
• 144 US universities
• 176 foreign universities
• two international NGOs
• five US federal and state agencies
• 11 private foreign companies
Since the indictments, the group was reorganised and now includes hackers from Lebanon, Palestine and Syria, but this has not changed the severity of the problem.
Emily Orton, the co-founder of the cyber firm Darktrace, said: "We're in the Wild West of hacking at the moment. If you speak to any of the critical infrastructure providers in this country or any other, you will see that they are dealing with attacks like this pretty much on a daily basis."