A network of devices has been seized by the western intelligence alliance, Five Eyes, taking control of a 260,000 device botnet. The network was reportedly in development since 2021, and was likely used to help Chinese actors breach critical infrastructure and government agencies in the US, Taiwan, and elsewhere.
The Five Eyes alliance, which is composed of the UK, US, Canada, Australia, and New Zealand, carried out the operation to dismantle the network. More than half of the devices were in the US, and consisted primarily of malware infected PCs and servers.
FBI Director Christopher Wray said that it was ‘all hands on deck’ when agents gained control of the network. The Chinese team then reportedly launched a DDoS strike to disrupt the Five Eyes efforts, but abandoned ship when it realized the efforts were futile, as they instead ‘burned down’ the infrastructure.
Just one round in the fight
It’s no secret that there have been tensions in the cyber security sphere between China and the US in recent years, and Wray confirms that whilst this was a successful operation, it is far from the end of Chinese efforts.
Despite this disruption, the risks remain prevalent from malicious actors who look to target western infrastructure. Efforts to stop Chinese cyberattacks have been officially named as the top priority for US security forces, and OPSWAT’s Eric Knapp confirms the vulnerabilities exposed by the operation,
“The recent advisory [PDF] from the NCSC highlights a clear supply chain risk—specifically how compromised hardware, often sourced from particular countries of origin, can be leveraged for nation-state cyber-espionage activities,” he said. “This is an example of how vulnerabilities in the supply chain can lead to widespread malicious activity such as DDoS attacks and anonymous malware delivery.”
Via The Register
More from TechRadar Pro
https://cdn.mos.cms.futurecdn.net/ZZAHvJaf6Aj3ZwWU8JpckM-1200-80.jpg
Source link
