First published: 19 Sep 2024
Last updated: 19 Sep 2024

Content written for

Individuals & families
Small & medium business
Large organisations & infrastructure
Government

Today we have released a joint cyber security advisory in collaboration with our international partners on the People's Republic of China-Linked Actors Compromise Routers and loT Devices for Botnet Operations.

This advisory assesses that cyber actors linked to the People’s Republic of China (PRC) have compromised a range of internet-connected devices to create a network – or ‘botnet’ – positioned for malicious activity. The cyber actors may use the botnet as a proxy to conceal their identities while deploying distributed denial of service (DDoS) attacks or compromising targeted international networks.

The botnet uses the Mirai family of malware (in operation since 2017) to hijack small office/home office routers, firewalls, network-attached storage and other Internet of Things (IoT) devices, such as webcams, DVRs, IP cameras, and routers running UNIX-based operating systems. It takes just one compromised device to impact a network, which is why good cyber hygiene is crucial.

Organisations and individuals should take the following actions:

  • regularly apply patches and updates (software and firmware), to routers, loT and network-attached storage devices
  • replace end-of-life equipment with supported devices and update them regularly
  • implement network segmentation to ensure loT devices within a larger network pose known, limited, and tolerable risks.

To learn more about the threat posed by these cyber actors, and how to protect your organisation, read the full advisory.

Was this information helpful?

Thanks for your feedback!

Optional

Tell us why this information was helpful and we’ll work on making more pages like it