UK and allies issue cyber warning over China-backed malicious network

Your support helps us to tell the story

Support Now

Find out moreClose

As your White House correspondent, I ask the tough questions and seek the answers that matter.

Your support enables me to be in the room, pressing for transparency and accountability. Without your contributions, we wouldn't have the resources to challenge those in power.

Your donation makes it possible for us to keep doing this important work, keeping you informed every step of the way to the November election

Andrew Feinberg

White House Correspondent

The UK’s cybersecurity agency has urged firms to protect their devices from a China-backed “botnet” of compromised devices which it warned could be used for malicious purposes.

The National Cyber Security Centre (NCSC), which is part of GCHQ, issued the warning alongside its Five Eyes counterparts in the US, Canada, Australia and New Zealand.

It says a company based in China, with links to the Chinese government, has created and manages a botnet of more than 260,000 compromised devices around the world.

Botnets are large networks of internet-connected devices which have been infected by malware and, as a result, can be controlled by a group and used to carry out cyber attacks, without the owners’ knowledge.

Most commonly they are used to carry out distributed denial of service (DDoS) attacks, which flood websites or networks with traffic in the hope of knocking them offline – but they can also be used to anonymously deliver malware.

The compromised devices can include routers and other internet-connected devices, such as webcams and CCTV cameras.

In an advisory published on the issue, the cybersecurity agencies urge firms to check the security of their devices to ensure they are adequate, noting that botnets such as this pose a particular threat to owners of equipment which is older or not up to date with security patches.

Paul Chichester, NCSC director of operations, said: “Botnet operations represent a significant threat to the UK by exploiting vulnerabilities in everyday internet-connected devices with the potential to carry out large-scale cyber attacks.

“Whilst the majority of botnets are used to conduct co-ordinated DDoS attacks, we know that some also have the ability to steal sensitive information.

“That’s why the NCSC, along with our partners in Five Eyes countries, is strongly encouraging organisations and individuals to act on the guidance set out in this advisory, which includes applying updates to internet-connected devices, to help prevent their devices from joining a botnet.”