By Alistair Bunkall, defence and security correspondent

Iran is being blamed for a wave of cyber attacks that targeted key parts of the UK's national infrastructure in a major assault just before Christmas.

It is understood that private sector companies, including banks, were also compromised in what has been described as an "ongoing" campaign.

Sky News has learnt that the Post Office and local government networks were both hit in coordinated attacks on 23 December.

The National Cyber Security Centre said it was "aware of a cyber incident affecting some UK organisations in late 2018" and that it was "working with victims and advising on mitigation measures".

Image: GCHQ said is it 'aware' of incidents taking place in the UK

Personal details belonging to thousands of employees were stolen, including the email address and mobile phone number of the Post Office chief executive Paula Vennells.

Advertisement

Analysis by cyber security experts in California has concluded that a group connected to the Iranian Revolutionary Guard was responsible for this attack and the attack on the parliamentary network in 2017.

Sky News has seen the 10,204 data records that were stolen from the parliament global address lists during that attack including addresses, company positions and phone numbers.

More from Iran

House of Commons
Image: Personal details about MPs were harvested during the attacks before Christmas

The mobile phone numbers of at least 10 peers and MPs were among the compromised data.

Lewis Henderson, vice-president of threat intelligence at cyber security company Glasswall, said the data could be used to start a deeper attack.

"As we've seen, you can do anything… influence elections, in particular. You can start to impersonate people within that government as well and be utterly convincing," he said.

"The levels of trust that the global address list puts in place is completely eroded once you've lost that information, once it's out there in the hands of the attackers.

"We know that they could be impersonating members of our own government and starting to alter and disrupt communications."

Members of the Iranian revolutionary guard. File pic
Image: Experts think groups linked to Iran's Revolutionary Guard carried out the attacks. File pic

Sky News has informed British security services of the findings, and although they haven't publicly confirmed Iran's involvement, four separate security sources say they believe it to be accurate.

It is further confirmation that Iran is engaged in an ongoing cyber campaign against the West after nine key leaders and affiliates of a group called The Mabna Institute were indicted by the FBI in February 2018.

The Mabna Institute is linked to the Iranian government.

The charges included aggravated access to computer systems, wire fraud and stealing proprietary data.

The FBI said that victims of the group included approximately 144 US universities, 176 foreign universities in 21 countries, two international NGOs, fRead More – Source

[contf] [contfnew]

Sky News

[contfnewc] [contfnewc]