Advertisement
Gulfstream banner

News

Articles

Information

Resources

Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide
  • Home
  • /
  • Security
  • /
  • NCSC and partners issue advice to counter campaign targeting devices

Security

NCSC and partners issue advice to counter campaign targeting devices

Posted 20 September 2024
The National Cyber Security Centre (NCSC) – a part of GCHQ – has issued a new advisory alongside partners in the US, Australia, Canada and New Zealand, which reveals how a company based in China with links to China’s government, has managed a botnet consisting of over 260,000 compromised devices around the world.

Above: The National Cyber Security Centre (NCSC), Nova South, London.
Image by Simona Flamigni / copyright Shutterstock

The UK and international allies are urging individuals and organisations to take protective action after exposing a global network of compromised internet-connected devices operated by a China-linked company and used for malicious purposes.

Advertisement
ODU RT

A botnet is a network of internet-connected devices that are infected with malware and controlled by a group to conduct co-ordinated cyber attacks without the owners’ knowledge.

The compromised devices include routers, firewalls, and Internet of Things (IoT) devices – including webcams and CCTV cameras – which can then be used by the actors for a variety of malicious purposes, such as anonymous malware delivery and distributed denial of service (DDoS) attacks.

The advisory names Integrity Technology Group as responsible for controlling and managing the botnet, which has been active since mid-2021, and has been utilised by the malicious cyber actor commonly known as Flax Typhoon.

The advisory shares technical details and mitigation advice to help defend against malicious activity delivered through this botnet. It also highlights the risk to owners of how unpatched and end-of-life equipment can be exploited by malicious cyber actors.

Paul Chichester, NCSC Director of Operations, said: “Botnet operations represent a significant threat to the UK by exploiting vulnerabilities in everyday internet-connected devices with the potential to carry out large-scale cyber attacks.

“Whilst the majority of botnets are used to conduct coordinated DDoS attacks, we know that some also have the ability to steal sensitive information.

Advertisement
ODU RT

“That’s why the NCSC, along with our partners in Five Eyes countries, is strongly encouraging organisations and individuals to act on the guidance set out in this advisory – which includes applying updates to internet-connected devices – to help prevent their devices from joining a botnet.”

As with similar botnets, the botnet described in this advisory is composed of a network of devices, known as bots, which are infected with a type of malware that provides threat actors with unauthorised remote access.

To recruit a new ‘bot’, the botnet system first compromised an internet-connected device using a known vulnerability exploit which then provides access to establish a remote command and control execution.

This advisory has been co-sealed by the NCSC and agencies in the United States, Australia, Canada and New Zealand.

Read the advisory in full

Advertisement
FIA2026 animated banner
UK to deliver large drone package to Ukraine

Defence Security

UK to deliver large drone package to Ukraine

15 April 2026

The UK has announced the biggest ever drone package for Ukraine, delivering at least 120,000 drones for Ukraine this year and driving growth and jobs across the UK.

SIA launches consultation on section 12 guidance for Martyn’s Law

Security

SIA launches consultation on section 12 guidance for Martyn’s Law

15 April 2026

The Security Industry Authority (SIA) has today launched a public consultation on its draft section 12 statutory guidance.

NPAS receives first two aircraft for FRP

Aerospace Security

NPAS receives first two aircraft for FRP

15 April 2026

The National Police Air Service (NPAS) has reached a major milestone in its National Fleet Replacement Programme (FRP) with the arrival of the first two H135 T3H aircraft at Airbus Helicopters UK in Oxford.

ALTEN opens office in Belfast

Aerospace Defence Security Space

ALTEN opens office in Belfast

14 April 2026

ALTEN has announced the opening of its newest UK office in Belfast, marking a significant strategic expansion into Northern Ireland.

Advertisement
ODU RT
Zelim’s ZOE becomes world’s first fully certified MOB system

Defence Security

Zelim’s ZOE becomes world’s first fully certified MOB system

14 April 2026

Edinburgh headquartered maritime safety and security specialist Zelim, today announced that its AI-enabled ZOE man-overboard detection (MOB) system has received official ISO 21195:2020 certification from independent classification body Lloyd’s Register, following successful completion of testing.

Vietnam Helicopter Corporation bolsters offshore operations with Airbus

Aerospace Defence Security

Vietnam Helicopter Corporation bolsters offshore operations with Airbus

8 April 2026

Subsidiaries of the Vietnam Helicopter Corporation (VNH), Southern Vietnam Helicopter Company (VNH South) and Northern Vietnam Helicopter Company (VNH North), have placed an order for three Airbus H225 helicopters, to support the continued expansion of its offshore energy operations and progressively replace ageing aircraft in its fleet.

Advertisement
ODU RT
Advertisement
FIA2026 animated banner

News

Articles

Information

Resources

© 2026 Advance - All rights reserved

Website by Silkstream

The views expressed are not necessarily those of ADS or its members. No responsibility or liability is accepted by ADS, the editorial team or the publisher for any loss occasioned to any person, legal or physical, acting or refraining from action as a result of any statement, fact, figure, expression of opinion or belief contained within this site.

Advertisement
Gulfstream banner