UK and allies issue cyber warning over China-backed malicious network

18 September 2024, 16:54

A hand on a laptop keyboard
State Opening of Parliament. Picture: PA

The National Cyber Security Centre has urged firms to protect themselves from a China-backed ‘botnet’ of thousands of compromised devices.

The UK’s cybersecurity agency has urged firms to protect their devices from a China-backed “botnet” of compromised devices which it warned could be used for malicious purposes.

The National Cyber Security Centre (NCSC), which is part of GCHQ, issued the warning alongside its Five Eyes counterparts in the US, Canada, Australia and New Zealand.

It says a company based in China, with links to the Chinese government, has created and manages a botnet of more than 260,000 compromised devices around the world.

Botnets are large networks of internet-connected devices which have been infected by malware and, as a result, can be controlled by a group and used to carry out cyber attacks, without the owners’ knowledge.

Most commonly they are used to carry out distributed denial of service (DDoS) attacks, which flood websites or networks with traffic in the hope of knocking them offline – but they can also be used to anonymously deliver malware.

The compromised devices can include routers and other internet-connected devices, such as webcams and CCTV cameras.

In an advisory published on the issue, the cybersecurity agencies urge firms to check the security of their devices to ensure they are adequate, noting that botnets such as this pose a particular threat to owners of equipment which is older or not up to date with security patches.

Paul Chichester, NCSC director of operations, said: “Botnet operations represent a significant threat to the UK by exploiting vulnerabilities in everyday internet-connected devices with the potential to carry out large-scale cyber attacks.

“Whilst the majority of botnets are used to conduct co-ordinated DDoS attacks, we know that some also have the ability to steal sensitive information.

“That’s why the NCSC, along with our partners in Five Eyes countries, is strongly encouraging organisations and individuals to act on the guidance set out in this advisory, which includes applying updates to internet-connected devices, to help prevent their devices from joining a botnet.”

By Press Association

More Technology News

See more More Technology News

Google screen

Google brings more AI to search engine in ‘significant’ update

UK Information Commissioner John Edwards

Accountability comes in many forms – Information Commissioner

The ChatGPT website

OpenAI raises £5 billion in largest ever funding round

A woman using a laptop as she holds a bank card

Meta partners with UK banks to combat fraud

The word Google in white on dark glass at the company's offices

Google breached TV company trademark through YouTube Shorts service, court told

The Vodafone logo on a smartphone

Vodafone and Three UK promise £10-a-month price cap for some mobile deals

An Asda store

Asda apologises after stores open later than planned due to till issue

The game developer has been fighting big tech firms for years over anti-competitive behaviour on their app stores (AP)

Epic Games sues Google and Samsung over anti-competition collusion claims

A woman using a mobile phone

Nearly a quarter of adults feel digitally excluded, survey finds

Minister for Justice Helen McEntee

Internet companies could face huge fines over content glorifying terrorism

GCHQ

UK issues alert over threat from cyber attackers working for Iranian state

An Amazon sign at the fulfillment centre in Hemel Hempstead, Hertfordshire

Competition regulator clears Amazon’s partnership with AI firm Anthropic

Meta logo on sign outside building

Meta fined 91m euro over password breach

Revolut, Chase and Modulr have agreed to join the 159 short-code phone service that people can call to speak to their bank when they are worried about a potential scam (Yui Mok/PA)

Revolut, Chase and Modulr agree to join 159 anti-scam service

Network Rail ‘cyber security incident’

Man arrested after cyber vandalism hit wifi at UK’s biggest railway stations

Passengers waiting for trains at London King’s Cross Station

‘Cyber vandalism’ shuts down wifi at 19 Network Rail stations