The National Cyber Security Centre (NCSC), part of GCHQ, has released an alert in collaboration with international allies regarding the evolving techniques of China state-sponsored cyber actors, according to a press release.
The advisory highlights how one specific group, APT40, has adapted its methods to exploit small-office and home-office (SoHo) devices for launching cyber attacks.
APT40, identified as part of the Chinese Ministry of State Security, has been noted for targeting vulnerable SoHo devices. These devices are often easier to exploit when they are not running the latest software or are no longer supported with security updates, making them prime targets for concealing malicious traffic.
The alert, co-released by the NCSC alongside partners from Australia, the US, Canada, New Zealand, Germany, the Republic of Korea, and Japan, focuses on recent attacks against Australian networks.
Two technical case studies have been provided to help network defenders identify and mitigate such malicious activities, which are also used globally by other China state-sponsored actors.
The NCSC has previously attributed APT40 to the Chinese Ministry of State Security. Network defenders are urged to follow the latest guidance to detect and counteract this malicious activity.
“The publication of this advisory follows a warning made by the Director of GCHQ in May about the ‘genuine and increasing cyber risk to the UK’ posed by China,” the press release stated.
The advisory, titled “PRC MSS tradecraft in action,” has been endorsed by a wide range of international cyber security agencies. These include the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the US Cybersecurity and Infrastructure Security Agency (CISA), the US National Security Agency (NSA), the US Federal Bureau of Investigation (FBI), the Canadian Cyber Security Centre (CCCS), the New Zealand National Cyber Security Centre (NCSC-NZ), the German Federal Intelligence Service (BND), the Republic of Korea’s National Intelligence Service (NIS) and NIS’ National Cyber Security Center, and Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) and National Police Agency (NPA).
Are users of supposedly cheap communication devices getting best value or are they putting their data and privacy at risk… The only vote we have with the CCP dictatorship is not to buy their supposedly cheap products which in reality is an exchange of sovereign capabilities and so a loss of freedom. A very bad bargain and something not priced into the deal at all, which allows the globalist to trade away our freedom without any accounting of that. Supposedly free devices provided by broadband providers are not an informed choice so regulators should be setting standards for those providers… Read more »