UK businesses are warned about a China-linked hacking scheme using everyday devices like wifi routers for cyber-attacks. The National Cyber Security Centre highlights the sophistication of these covert networks in espionage efforts.
Mentioned in this story
British businesses are being urged to step up their vigilance against a China-linked hacking ploy that uses everyday devices for espionage.
The UK’s National Cyber Security Centre (NCSC) and agencies in nine other countries have warned of persistent attempts by Beijing-backed groups to hack equipment such as wifi routers to launch cyber-attacks.
Known as “covert networks” or “botnets”, they typically target vulnerable equipment – for instance devices that have not had a software update or are old – as a base for staging activities such as surveillance and data theft.
The NCSC said the technique was used by the majority of China-linked hackers. Richard Horne, the centre’s chief executive, said on Wednesday that China’s intelligence and military agencies had an “eye-watering level of sophistication in their cyber operations”. Speaking at his NCSC’s annual conference in Glasgow, he said: “We face more than just a capable cyber threat but a peer competitor in cyberspace.”
The advisory notice from the NCSC and cyber agencies in countries including the US, Australia, Canada and Germany warns there has been a “major shift” in Chinese tactics to using devices linked to the internet as a means of obscuring where an attack comes from. The most commonly hijacked devices are routers but printers and web cameras are also vulnerable.
Security officials compare routers to virtual private networks, which allow web users to obscure their location. They say a household’s wifi router could be used as a conduit for attacking an unrelated major company.
While the NCSC guidance is not directed at members of the public who might be unwittingly providing a launchpad for espionage, it urges companies and organisations to take a number of steps such as mapping out their IT systems, including connections to consumer broadband networks. It also recommends multifactor authentication – where users are asked to give another form of verification along with their password – for members of staff trying to access a system remotely. They also advise limiting network connections to external devices.
The centre said in the advisory notice published on Thursday: “The NCSC believes that the majority of China-nexus threat actors are using these networks, that multiple covert networks have been created and are being constantly updated, and that a single covert network could be being used by multiple actors. These networks are mainly made up of compromised small office home office routers, as well as internet of things [connected devices] and smart devices.”
A China-backed group, dubbed Volt Typhoon by western authorities, has been flagged by agencies as a user of covert networks and has into key US infrastructure including rail, aviation and water systems. The NCSC said these covert networks were now built and maintained by private Chinese companies. In one example, a Chinese business created a covert network by infecting 200,000 devices worldwide.
Chinese hackers are primarily targeting wifi routers, printers, and web cameras to launch cyber-attacks.
They exploit vulnerable devices that lack software updates or are outdated to create covert networks for surveillance and data theft.
The NCSC has warned that China-linked hackers possess a high level of sophistication and represent a significant cyber threat to UK businesses.
At 93, Moira Brown will attend her fourth World Cup, celebrating Scotland's qualification for the tournament after nearly 30 years. She'll cheer for her team during their group stage matches in the U.S.
How Trump's immigration crackdown affected small-business loans for entrepreneurs.
Belfast residents voice disgust at riots following stabbing incident
One year on from the Air India crash, families like Sagar Patel's seek justice and closure.
Want a better skin care routine? Sign up for our one-week guide!
Can smartphones explain the drop in birth rates over the last two decades?
See every story in News — including breaking news and analysis.
This year, Google announced it had disrupted a “residential proxy” network where cybercrime groups and state actors used hacked household and IT devices to launch attacks.