Question to the Foreign, Commonwealth & Development Office:

To ask the Secretary of State for Foreign, Commonwealth and Development Affairs, what recent assessment his Department has made of the role of the Islamic Revolutionary Guards Corps in cyber operations targeting UK infrastructure or citizens.

The National Cyber Security Centre (NCSC) assess that Iran-based threat actors remain aggressive in cyberspace and continue to achieve their objectives through less sophisticated cyber techniques (including prolific use of spear-phishing), but also targeting industrial control systems. Iran is likely developing its cyber capabilities and willing to target the UK to fulfil its disruptive and destructive objectives. The NCSC continues to work closely with government, industry and international partners to understand and mitigate the cyber threat from Iran.

This includes the activities of the Islamic Revolutionary Guard Corps. In September 2024, the UK and the US jointly issued a Technical Advisory focusing on attackers working on behalf of Iran's Islamic Revolutionary Guard Corps who use social engineering to gain access to victims' online accounts. This Advisory provided network defenders with information to help mitigate these threats.

The UK will continue to expose and take action against malicious cyber activity carried out by Iranian groups. These groups can no longer operate in the shadows, and the UK and international partners will hold Iran to account for their behaviour.