The UK’s National Cyber Security Centre (NCSC), along with international partners, has issued a joint advisory warning individuals and organisations to take protective measures against a China-linked cyber campaign.

The advisory exposes a botnet, operated by Integrity Technology Group, that has compromised over 260,000 internet-connected devices worldwide since mid-2021.

The botnet, managed by the cyber actor known as “Flax Typhoon,” consists of compromised routers, firewalls, and Internet of Things (IoT) devices, including webcams and CCTV cameras.

These devices have been used for malicious purposes such as malware delivery and distributed denial of service (DDoS) attacks.

Paul Chichester, NCSC Director of Operations, emphasised the severity of the threat:

“Botnet operations represent a significant threat to the UK by exploiting vulnerabilities in everyday internet-connected devices with the potential to carry out large-scale cyber attacks.” He urged organisations and individuals to follow the advisory’s guidance, including applying necessary updates to internet-connected devices to prevent further exploitation.

The advisory provides technical details and mitigation strategies to help defend against the botnet. It highlights how unpatched and outdated equipment can be targeted by malicious cyber actors. The NCSC’s alert was issued in coordination with its counterparts in the United States, Australia, Canada, and New Zealand.

The botnet operates by infecting devices with malware, allowing cybercriminals to gain unauthorised remote access. Once compromised, these devices, or ‘bots,’ can be controlled remotely, making them part of a network used for co-ordinated attacks.

“As with similar botnets, the botnet described in this advisory is composed of a network of devices, known as bots, which are infected with a type of malware that provides threat actors with unauthorised remote access. To recruit a new ‘bot’, the botnet system first compromised an internet-connected device using a known vulnerability exploit which then provides access to establish a remote command and control execution. This advisory has been co-sealed by the NCSC and agencies in the United States, Australia, Canada, and New Zealand.”

Read the advisory in full.

George has a degree in Cyber Security from Glasgow Caledonian University and has a keen interest in naval and cyber security matters and has appeared on national radio and television to discuss current events. George is on Twitter at @geoallison

6 Comments

Cymbeline (@guest_857785)
4 hours ago

The same China Peter Mandelson wants the government to get back into bed with.

Jonathan (@guest_857786)
4 hours ago

Just one of the many aspects of the war China is actively fighting with the west. It’s just the west only really recognises war when things go bang.

Cymbeline (@guest_857848)
1 hour ago
Reply to  Jonathan

China has a large number of APTs. A few of them are PLA, but a larger number private. I believe like Russia the private APTs take on government contracts therefore making themselves invaluable and immune to prosecution. But they are ripping off everything IPR related to military tech and upwards. Probably have a foot in the door of utilities and every service industry. If the balloon did go up we’d be up the Swanee. I personally do keep a wind up radio. Supply of batteries, water, gas stove and some tinned food which I turn over on a regular basis.…

Jonathan (@guest_857855)
1 hour ago
Reply to  Cymbeline

I’m a professional manager of significant risk, health systems and on the side I do civil contingencies and incident response room management. I always have 1 month’s food in the house, a supply of power banks, silver coins, 1 month of logs to heat the house when it’s winter, a way to cook on the woodburner, a decent medical kit etc. As far as I’m concerned anyone who has not planned how they can be pretty much self sufficient for at least one month (if they have the money to do so) is loopy. I know how fragile our systems actually are.…

Lonpfrb (@guest_857868)
33 minutes ago
Reply to  Jonathan

In Finland we call this war stocks, and by planning regulations every building has an NBC shelter. 5Ps.

Jonathan (@guest_857876)
34 seconds ago
Reply to  Lonpfrb

Finland is one of the only western nations where sanity prevailed and that did not drop the whole concept of civil defence the moment the wall went down and that political scientist Fukuyama convinced the west that they had won history and every nation would become a peace loving democracy by a natural process….