Government departments, the public sector and business were put on alert on Friday to protect their computer networks against a worldwide cyber-hijacking campaign suspected to be linked to Iran.
GCHQ’s National Cyber Security Centre (NCSC) issued a rare warning that it was investigating a “large-scale hijacking campaign that has reportedly affected government and commercial organisations worldwide.”
The attack, aimed at hijacking sensitive data so that it can be captured by the hackers, was initially aimed at governments predominantly in the Middle East but has extended to Europe and North America.
There is as yet no evidence of any organisation in the UK being affected, said the NCSC, but it has issued a technical alert on the way the attackers operate and evidence to watch for if computer systems are compromised.
The NCSC is working with other intelligence agencies including the US Department of Homeland Security which issued an emergency directive to agencies throughout the US on Tuesday.
The campaign’s goal appears to be traditional espionage — to siphon potentially all the emails or user traffic and credentials of a targeted agency, according to FireEye, a private agency which was among the first to highlight it.
An NCSC spokesperson said: “We are aware of a cyber incident affecting some Domain Name Systems (DNS) registrars and are working with our international and industry partners to understand its nature and extent, and the potential threat, if any, to the UK.”