UK businesses with a presence in the Middle East have been urged to step up vigilance against cyber threats from Iran after US-Israeli attacks.
The National Cyber Security Centre (NCSC) said there was “almost certainly” a heightened risk of an indirect cyber threat for organisations that had offices, or supply chains, in the Middle East.
The UK’s cybersecurity agency said Iran remained a threat despite an extensive bombing campaign that has devastated the country’s political and military leadership, including the death of its supreme leader, Ayatollah Ali Khamenei.
“Iranian state and Iran-linked cyber actors almost certainly currently maintain at least some capability to conduct cyber activity,” said the NCSC.
The agency said in an alert published on Monday that there was “likely” no significant change in the direct cyber threat from Iran to the UK, but organisations should prepare for the risk of collateral damage from Iran-linked hacktivists. It said organisations with a presence in the region should consider boosting monitoring of their IT systems and follow NCSC guidelines for dealing with a heightened threat of cyber-attacks.
Jonathon Ellison, the NCSC’s director for national resilience, said UK organisations and key infrastructure providers – such as airports and power stations – needed to “act now” in protecting themselves from potential attacks.
“In light of rapidly evolving events in the Middle East, it is critical that all UK organisations remain alert to the potential risk of cyber compromise, particularly those with assets or supply chains that are in areas of regional tensions,” he said.
Source: The Guardian