{"id":606226,"date":"2023-02-09T07:48:56","date_gmt":"2023-02-09T13:48:56","guid":{"rendered":"https:\/\/news.sellorbuyhomefast.com\/index.php\/2023\/02\/09\/russian-hacking-group-seaborgium-targets-snp-mp-stewart-mcdonald\/"},"modified":"2023-02-09T07:48:56","modified_gmt":"2023-02-09T13:48:56","slug":"russian-hacking-group-seaborgium-targets-snp-mp-stewart-mcdonald","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2023\/02\/09\/russian-hacking-group-seaborgium-targets-snp-mp-stewart-mcdonald\/","title":{"rendered":"Russian hacking group Seaborgium targets SNP MP Stewart McDonald"},"content":{"rendered":"<div>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.computerweekly.com\/visuals\/ComputerWeekly\/Hero Images\/security-hacker-cyber-crime-adobe_searchsitetablet_520X173.jpg\" data-credit=\"Sergey Nivens - stock.adobe.com\"  width=\"520\" height=\"173\" alt><\/p>\n<p>Sergey Nivens &#8211; stock.adobe.com<\/p>\n<\/p><\/div>\n<div id=\"content-header\">\n<h2>Scottish National Party MP Stewart McDonald says his personal emails have been hacked by a group linked to the Russian state in a targeted phishing attack<\/h2>\n<\/div>\n<div id=\"content-center\">\n<ul>\n<li><i data-icon=\"1\"><\/i><\/li>\n<li><i data-icon=\"2\"><\/i><\/li>\n<\/ul>\n<div id=\"contributors-block\">\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Bill-Goodwin-CW-contributor-2022-140x180px.jpg\" alt=\"Bill Goodwin\">\n\t\t\t\t\t<\/p>\n<p><span>By<\/span><\/p>\n<ul>\n<li>\n\t\t\t\t\t<a href=\"https:\/\/www.techtarget.com\/contributor\/Bill-Goodwin\">Bill Goodwin,<\/a><br \/>\n\t\t\t\t\t\t<span>Computer Weekly<\/span>\n\t\t\t\t\t\t\t<\/li>\n<\/ul>\n<p>\n\tPublished: <span>08 Feb 2023 16:56<\/span>\n<\/p>\n<\/div>\n<section id=\"content-body\">\n<p>Scottish National Party MP Stewart McDonald has become the latest victim of a Russian state-backed hacking group that specialises in targeting non-government organisations (NGOs), politicians, journalists and other people of influence.<\/p>\n<p>Stewart McDonald, former SNP defence spokesman, <a href=\"https:\/\/twitter.com\/StewartMcDonald\/status\/1623224020949778432\">said today<\/a> that hackers believed to be linked to the Russian state had gained access to his private emails and might publish them on the internet.<\/p>\n<p>The disclosure follows <a href=\"https:\/\/www.computerweekly.com\/news\/252529571\/NCSC-exposes-Iranian-Russian-spear-phishing-campaign-targeting-UK\">warnings from the UK\u2019s National Cyber Security Centre<\/a>, part of GCHQ, that the Russian hacking group Seaborgium, also known as Cold River, is launching highly targeted phishing attacks against people of interest to the Russian state.<\/p>\n<p>The hacking group, which is believed to be linked to the Russian FSB intelligence agency, was responsible for <a href=\"https:\/\/www.computerweekly.com\/news\/252525366\/How-Russian-intelligence-hacked-the-encrypted-emails-of-former-MI6-boss-Richard-Dearlove\">hack and leak operations<\/a> last year against former head of MI6 <a href=\"https:\/\/www.computerweekly.com\/news\/252527713\/MI6-chiefs-hacked-emails-attacked-MI5-and-betrayed-British-spy-operations-in-China\">Richard Dearlove<\/a>, journalist Paul Mason and other, undisclosed, targets.<\/p>\n<p>\u201cOver the past couple of weeks. I have been dealing with a sophisticated and targeted spear phishing hack of my personal email account, and the personal email account belonging to one of my staff. These hacks are a criminal offence,\u201d McDonald <a href=\"https:\/\/twitter.com\/StewartMcDonald\/status\/1623224020949778432\">wrote on Twitter<\/a>.<\/p>\n<p>In an <a href=\"https:\/\/www.bbc.co.uk\/news\/uk-politics-64562832\">interview with the BBC<\/a>, McDonald said that on 13 January 2023, he received an email on his private account from a member of staff, purporting to link to a password-protected document about the war in Ukraine.<\/p>\n<p>The MP for Glasgow South has taken an interest in the Ukraine war, and has received the order of merit from the Ukrainian government, the BBC reported.<\/p>\n<p>McDonald said he clicked on a link in the document and was taken to a web page that asked for his password, which he typed in. The password took McDonald to a blank page.<\/p>\n<blockquote>\n<div>\n<figure>\n   \u201cThese [spear phishing attacks] are highly sophisticated and deeply convincing. Having spoken with others who this has also happened to \u2013 most of whom have a heightened sense of cyber security and good practice \u2013 it\u2019s easy to see how anyone can fall victim\u201d<br \/>\n  <\/figure><figcaption>\n   <strong>Stewart McDonald, Scottish National Party<\/strong><br \/>\n  <\/figcaption><\/div>\n<\/blockquote>\n<p>A few days later, the member of staff concerned reported that he had been locked out of his personal email and was having trouble regaining access to it because of suspicious activity on his account. The staff member also confirmed that he had not sent McDonald the suspicious email.<\/p>\n<p>The incident occurred as the NCSC was preparing to publish new warnings of the activities of Seaborgium and of similar Iranian hacking groups. The NCSC confirmed to the BBC that it was investigating the incident.<\/p>\n<p>\u201cIt became clear that the tactics used in this hack mirrored a recent NCSC advisory notice on spear phishing emails that target academia, defence, government organisations, NGOs, think tanks, as well as politicians, journalists and activists,\u201d he wrote on Twitter.<\/p>\n<p>\u201cAs was the case here, these attempts are highly sophisticated and deeply convincing. Having spoken with others who this has also happened to \u2013 most of whom have a heightened sense of cyber security and good practice \u2013 it\u2019s easy to see how anyone can fall victim,\u201d he added.<\/p>\n<p>McDonald told the BBC that he had spoken out to limit the potential damage as he waits to see what the hackers do with the stolen material, and to warn others about the risks of phishing.<\/p>\n<p>He said he had to assume that the hackers might publish some of the stolen information and were likely to modify some of the contents.<\/p>\n<p>\u201cI also don\u2019t doubt that, in amongst some genuine emails, there will be emails that are entirely false. It\u2019s an old tactic,\u201d he wrote on Twitter.<\/p>\n<p>It is also possible that the hacking group may have been more interested in finding out who he was communicating with and the contents of those communications than in leaking his correspondence, the MP said.<\/p>\n<p>McDonald said that in some cases other victims he had spoken to have had their emails leaked, and in other cases they have not.<\/p>\n<p>\u201cI want to raise awareness and urge people to be extra vigilant,\u201d he said.<\/p>\n<\/section>\n<section id=\"DigDeeperSplash\">\n<h4>\n\t\t\t<i data-icon=\"m\"><\/i>Read more on Privacy and data protection<\/h4>\n<ul>\n<li><a id=\"DigDeeperItem-1\" href=\"https:\/\/www.computerweekly.com\/news\/252529571\/NCSC-exposes-Iranian-Russian-spear-phishing-campaign-targeting-UK\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero Images\/spy-privacy-data-security-fotolia_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/spy-privacy-data-security-fotolia_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/spy-privacy-data-security-fotolia.jpg 1280w\" alt ><\/p>\n<h5>NCSC exposes Iranian, Russian spear-phishing campaign targeting UK<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-2\" href=\"https:\/\/www.computerweekly.com\/news\/252525366\/How-Russian-intelligence-hacked-the-encrypted-emails-of-former-MI6-boss-Richard-Dearlove\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/social-engineering-hacker-fotolia_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/social-engineering-hacker-fotolia_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/social-engineering-hacker-fotolia.jpg 1280w\" alt ><\/p>\n<h5>How Russian intelligence hacked the encrypted emails of former MI6 boss Richard Dearlove<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Duncan-Campbell-2015-140x180px.jpg\" alt=\"DuncanCampbell \">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Duncan\u00a0Campbell <\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-3\" href=\"https:\/\/www.computerweekly.com\/news\/252514308\/Challenges-for-IT-providers-as-Ukraine-crisis-worsens\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero Images\/Ukraine-Russia-hero-AdobeStock_483182656_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/Ukraine-Russia-hero-AdobeStock_483182656_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/Ukraine-Russia-hero-AdobeStock_483182656.jpg 1280w\" alt ><\/p>\n<h5>Challenges for IT providers as Ukraine crisis worsens<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Cliff-Saran-Sep-2022-140x180px.jpg\" alt=\"CliffSaran\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Cliff\u00a0Saran<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-4\" href=\"https:\/\/www.computerweekly.com\/news\/252512087\/Russian-backed-hackers-defaced-Ukrainian-websites-as-cover-for-dangerous-malware-attack\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/malware-1-adobe_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/malware-1-adobe_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/malware-1-adobe.jpg 1280w\" alt ><\/p>\n<h5>\u2018Russian-backed\u2019 hackers defaced Ukrainian websites as cover for dangerous malware attack<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Bill-Goodwin-CW-contributor-2022-140x180px.jpg\" alt=\"BillGoodwin\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Bill\u00a0Goodwin<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<\/ul>\n<\/section>\n<\/div>\n<p><a href=\"https:\/\/www.computerweekly.com\/news\/365530673\/Russian-hacking-group-Seaborgium-targets-SNP-MP-Stewart-McDonald\" class=\"button purchase\" rel=\"nofollow noopener\" target=\"_blank\">Read More<\/a><br \/>\n Margherita Klemp<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sergey Nivens &#8211; stock.adobe.com Scottish National Party MP Stewart McDonald says his personal emails have been hacked by a group linked to the Russian state in a targeted phishing attack By Bill Goodwin, Computer Weekly Published: 08 Feb 2023 16:56 Scottish National Party MP Stewart McDonald has become the latest victim of a Russian state-backed<\/p>\n","protected":false},"author":1,"featured_media":606227,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26620,776,46],"tags":[],"class_list":{"0":"post-606226","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-hacking","8":"category-russian","9":"category-technology"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/606226","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=606226"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/606226\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/606227"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=606226"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=606226"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=606226"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}