UK and allies issue cyber warning over China-backed malicious network
18 September 2024, 16:54
The National Cyber Security Centre has urged firms to protect themselves from a China-backed ‘botnet’ of thousands of compromised devices.
The UK’s cybersecurity agency has urged firms to protect their devices from a China-backed “botnet” of compromised devices which it warned could be used for malicious purposes.
The National Cyber Security Centre (NCSC), which is part of GCHQ, issued the warning alongside its Five Eyes counterparts in the US, Canada, Australia and New Zealand.
It says a company based in China, with links to the Chinese government, has created and manages a botnet of more than 260,000 compromised devices around the world.
Botnets are large networks of internet-connected devices which have been infected by malware and, as a result, can be controlled by a group and used to carry out cyber attacks, without the owners’ knowledge.
🚨Today, the NCSC and partners in the 🇺🇸🇦🇺🇨🇦🇳🇿have issued a joint advisory urging organisations to act following the exposure of a global network of compromised routers and IoT devices to create a botnet that can be used for malicious purposes.
— NCSC UK (@NCSC) September 18, 2024
Most commonly they are used to carry out distributed denial of service (DDoS) attacks, which flood websites or networks with traffic in the hope of knocking them offline – but they can also be used to anonymously deliver malware.
The compromised devices can include routers and other internet-connected devices, such as webcams and CCTV cameras.
In an advisory published on the issue, the cybersecurity agencies urge firms to check the security of their devices to ensure they are adequate, noting that botnets such as this pose a particular threat to owners of equipment which is older or not up to date with security patches.
Paul Chichester, NCSC director of operations, said: “Botnet operations represent a significant threat to the UK by exploiting vulnerabilities in everyday internet-connected devices with the potential to carry out large-scale cyber attacks.
“Whilst the majority of botnets are used to conduct co-ordinated DDoS attacks, we know that some also have the ability to steal sensitive information.
“That’s why the NCSC, along with our partners in Five Eyes countries, is strongly encouraging organisations and individuals to act on the guidance set out in this advisory, which includes applying updates to internet-connected devices, to help prevent their devices from joining a botnet.”
