Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide
  • Home
  • /
  • Security
  • /
  • NCSC and partners issue alert about China state-sponsored cyber attacks

Security

NCSC and partners issue alert about China state-sponsored cyber attacks

The UK and international allies have issued a new alert which shines a light on how China state-sponsored actors have evolved their techniques for launching cyber attacks.

Above: The National Cyber Security Centre (NCSC), Nova South, London.
Image by Simona Flamigni / copyright Shutterstock

The National Cyber Security Centre – a part of GCHQ – has issued an advisory alongside partners in Australia, the US, Canada, New Zealand, Germany, the Republic of Korea and Japan, focusing on how one China state-sponsored cyber actor has carried out attacks against Australian networks.

Advertisement
ODU RT

The threat group APT40 has embraced the trend of exploiting vulnerable small-office and home-office (SoHo) devices as a launching pad for attacks. These devices are softer targets when they are not running the latest software, or are no longer supported with security updates and they more easily conceal malicious traffic.

Two technical case studies showing how these techniques are deployed have been shared to help network defenders identify this malicious activity, which is also used regularly worldwide – including by other China state-sponsored actors.

The UK has previously attributed APT40 as being part of the Chinese Ministry of State Security. Defenders are encouraged to follow the latest advice to help detect and mitigate the malicious activity.

Advertisement
ODU RT 2

The publication of this advisory follows a warning made by the Director of GCHQ in May about the “genuine and increasing cyber risk to the UK” posed by China.   

The advisory, titled 'PRC MSS tradecraft in action', has been co-sealed by the NCSC, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the US Cybersecurity and Infrastructure Security Agency (CISA), the US National Security Agency (NSA), the US Federal Bureau of Investigation (FBI), the Canadian Cyber Security Centre (CCCS), the New Zealand National Cyber Security Centre (NCSC-NZ), the German Federal Intelligence Service (BND), the Republic of Korea’s National Intelligence Service (NIS) and NIS’ National Cyber Security Center, and Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) and National Police Agency (NPA).

It can be read on the ACSC website.

Advertisement
General Atomics LB General Atomics LB
Smiths Detection awarded its largest ever service agreement

Aerospace Security

Smiths Detection awarded its largest ever service agreement

10 October 2024

Smiths Detection today announced it has been awarded a seven year contract to support TechFlow’s Integrated Logistics Support Contract with the Transportation Security Administration (TSA) to service hold baggage X-ray inspection systems at airports across the US, which is the largest service agreement in its history.

CAAi and Rapiscan to enhance X-ray screener testing

Aerospace Security

CAAi and Rapiscan to enhance X-ray screener testing

10 October 2024

CAA International (CAAi) and Rapiscan have announced a strategic collaboration to transform airport security screening and drive the adoption of advanced screener assessment solutions by establishing a global platform to enhance X-ray screening competency within the aviation sector.

CCL launches Cyber and Specialist Services division

Security

CCL launches Cyber and Specialist Services division

9 October 2024

CCL Solutions Group has announced the formation of a dedicated Cyber and Specialist Services division to provide clients with a higher level of all-round protection.

The ASA Group opens offices in UK and USA

Security

The ASA Group opens offices in UK and USA

9 October 2024

The ASA Group is opening offices in the UK and the USA to enhance global security services, appointing Tom McAdams as Country Manager and Business Development Manager for the UK and Matt Burdette as Country Manager and Vice President of Business Development for the USA.

Advertisement
ODU RT
Search for young UK cyber security talent begins

Security

Search for young UK cyber security talent begins

9 October 2024

Young people across the country are being called upon to put their cyber skills to the test in the new UK Cyber Team Competition, offering them the chance to represent the UK on the world stage and kickstart a career in cyber security.

BA expands Isuzu D-Max pick-up fleet at Heathrow

Aerospace Security

BA expands Isuzu D-Max pick-up fleet at Heathrow

8 October 2024

British Airways has expanded its fleet of Isuzu D-Max pick-ups with an additional four to assist Heathrow operations.

Advertisement
ODU RT 2