Advertisement
Gulfstream banner

News

Articles

Information

Resources

Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide
  • Home
  • /
  • Security
  • /
  • NCSC and partners issue alert about China state-sponsored cyber attacks

Security

NCSC and partners issue alert about China state-sponsored cyber attacks

Posted 10 July 2024
The UK and international allies have issued a new alert which shines a light on how China state-sponsored actors have evolved their techniques for launching cyber attacks.

Above: The National Cyber Security Centre (NCSC), Nova South, London.
Image by Simona Flamigni / copyright Shutterstock

The National Cyber Security Centre – a part of GCHQ – has issued an advisory alongside partners in Australia, the US, Canada, New Zealand, Germany, the Republic of Korea and Japan, focusing on how one China state-sponsored cyber actor has carried out attacks against Australian networks.

Advertisement
ODU RT

The threat group APT40 has embraced the trend of exploiting vulnerable small-office and home-office (SoHo) devices as a launching pad for attacks. These devices are softer targets when they are not running the latest software, or are no longer supported with security updates and they more easily conceal malicious traffic.

Two technical case studies showing how these techniques are deployed have been shared to help network defenders identify this malicious activity, which is also used regularly worldwide – including by other China state-sponsored actors.

The UK has previously attributed APT40 as being part of the Chinese Ministry of State Security. Defenders are encouraged to follow the latest advice to help detect and mitigate the malicious activity.

Advertisement
ODU RT

The publication of this advisory follows a warning made by the Director of GCHQ in May about the “genuine and increasing cyber risk to the UK” posed by China.   

The advisory, titled 'PRC MSS tradecraft in action', has been co-sealed by the NCSC, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the US Cybersecurity and Infrastructure Security Agency (CISA), the US National Security Agency (NSA), the US Federal Bureau of Investigation (FBI), the Canadian Cyber Security Centre (CCCS), the New Zealand National Cyber Security Centre (NCSC-NZ), the German Federal Intelligence Service (BND), the Republic of Korea’s National Intelligence Service (NIS) and NIS’ National Cyber Security Center, and Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) and National Police Agency (NPA).

It can be read on the ACSC website.

Advertisement
FIA2026 animated banner
MGI conducts first TigerShark flights with Auterion

Aerospace Defence Security

MGI conducts first TigerShark flights with Auterion

2 April 2026

MGI Engineering Ltd (MGI) has announced the successful first flights of its TigerShark uncrewed deep strike platform, in partnership with Auterion.

Logiq acquires Savient

Security

Logiq acquires Savient

1 April 2026

Logiq has acquired Savient Ltd, a technology and data specialist focused on delivery in highly regulated environments, strengthening its capability and further expanding its presence in the South-West.

SIA introduces changes for close protection operatives

Security

SIA introduces changes for close protection operatives

1 April 2026

Today, the Security Industry Authority (SIA) have introduced changes to training for those holding, or applying for, a close protection licence.

NCSC warns of messaging app targeting

Security

NCSC warns of messaging app targeting

1 April 2026

Alongside international partners, the National Cyber Security Centre (NCSC) has issued actions for individuals at risk of attacks against messaging apps, as a result of growing malicious activity from Russia-based actors using messaging apps - such as WhatsApp, Messenger and Signal - to target high-risk individuals.

Advertisement
ODU RT
LexisNexis Risk Solutions releases Cybercrime Report

Security

LexisNexis Risk Solutions releases Cybercrime Report

31 March 2026

LexisNexis Risk Solutions has released its latest Cybercrime Report which reveals rapid growth in synthetic identity fraud, bot-driven attacks and account takeover activity across global markets, whilst first-party fraud remains the most reported fraud type.

Getac launches CommandCore

Defence Security

Getac launches CommandCore

27 March 2026

Getac has announced the launch of its CommandCore rugged drone control solution.

Advertisement
ODU RT
Advertisement
FIA2026 animated banner

News

Articles

Information

Resources

© 2026 Advance - All rights reserved

Website by Silkstream

The views expressed are not necessarily those of ADS or its members. No responsibility or liability is accepted by ADS, the editorial team or the publisher for any loss occasioned to any person, legal or physical, acting or refraining from action as a result of any statement, fact, figure, expression of opinion or belief contained within this site.

Advertisement
Gulfstream banner