Technology leaders and teams have been warned to be on the lookout for and avoid botnets from Integrity Technology Group in China.
The National Cyber Security Centre (NCSC) said the botnet exploits internet connected devices.
The NCSC warning, issued in collaboration with the cyber security agencies of the Five Eyes nations (UK, US, Canada, New Zealand and Australia), names China’s Integrity Technology Group as being responsible for “controlling and managing” the botnet and that this botnet has been active since the middle of 2021. NCSC adds that the botnet has been used by Flax Typhoon, a malicious cyber actor.
A network of 260,000 exposed internet-connected devices can be seen in the advisory note. These include firewalls, Internet of Things (IoT) devices, routers, webcams, and CCTV cameras that have been compromised.
Significant threat
“Botnet operations represent a significant threat to the UK by exploiting vulnerabilities in everyday internet connected devices with the potential to carry out large scale cyber attacks,” said Paul Chichester, NCSC director of operations.
“Whilst the majority of botnets are used to conduct coordinated DDoS attacks, we know that some also have the ability to steal sensitive information.
“That’s why the NCSC, along with our partners in Five Eyes countries, is strongly encouraging organisations and individuals to act on the guidance set out in this advisory – which includes applying updates to internet-connected devices – to help prevent their devices from joining a botnet.”
The full advisory is available at:
https://media.defense.gov/2024/Sep/18/2003547016/-1/-1/0/CSA-PRC-LINKED-ACTORS-BOTNET.PDF
