Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide
  • Home
  • /
  • Security
  • /
  • NCSC and partners issue alert about China state-sponsored cyber attacks

Security

NCSC and partners issue alert about China state-sponsored cyber attacks

The UK and international allies have issued a new alert which shines a light on how China state-sponsored actors have evolved their techniques for launching cyber attacks.

Above: The National Cyber Security Centre (NCSC), Nova South, London.
Image by Simona Flamigni / copyright Shutterstock

The National Cyber Security Centre – a part of GCHQ – has issued an advisory alongside partners in Australia, the US, Canada, New Zealand, Germany, the Republic of Korea and Japan, focusing on how one China state-sponsored cyber actor has carried out attacks against Australian networks.

Advertisement
ODU RT

The threat group APT40 has embraced the trend of exploiting vulnerable small-office and home-office (SoHo) devices as a launching pad for attacks. These devices are softer targets when they are not running the latest software, or are no longer supported with security updates and they more easily conceal malicious traffic.

Two technical case studies showing how these techniques are deployed have been shared to help network defenders identify this malicious activity, which is also used regularly worldwide – including by other China state-sponsored actors.

The UK has previously attributed APT40 as being part of the Chinese Ministry of State Security. Defenders are encouraged to follow the latest advice to help detect and mitigate the malicious activity.

Advertisement
DSEI 2025

The publication of this advisory follows a warning made by the Director of GCHQ in May about the “genuine and increasing cyber risk to the UK” posed by China.   

The advisory, titled 'PRC MSS tradecraft in action', has been co-sealed by the NCSC, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the US Cybersecurity and Infrastructure Security Agency (CISA), the US National Security Agency (NSA), the US Federal Bureau of Investigation (FBI), the Canadian Cyber Security Centre (CCCS), the New Zealand National Cyber Security Centre (NCSC-NZ), the German Federal Intelligence Service (BND), the Republic of Korea’s National Intelligence Service (NIS) and NIS’ National Cyber Security Center, and Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) and National Police Agency (NPA).

It can be read on the ACSC website.

Advertisement
Cranfield University
Chief Superintendent Fiona Gaffney joins NPAS as COO

Security

Chief Superintendent Fiona Gaffney joins NPAS as COO

15 July 2025

The National Police Air Service (NPAS) has welcomed Chief Superintendent Fiona Gaffney as its new Chief Operating Officer (COO), following the retirement of Chief Superintendent Vicki White after 30 years of service to policing.

Lane Electronics to showcase connectivity solutions at DSEI 2025

Defence Security Events

Lane Electronics to showcase connectivity solutions at DSEI 2025

15 July 2025

Franchised distributor of electrical, electronic and optical connectors, Lane Electronics, will be exhibiting at DSEI 2025 (9th–12th September 2025, Excel London) will have the opportunity to explore the company’s latest connector technologies and its UK-based assembly and services.

UK and France agree scheme to address illegal Channel crossings

Security

UK and France agree scheme to address illegal Channel crossings

11 July 2025

The Prime Minister Keir Starmer and French President Emmanuel Macron, have agreed a scheme to address illegal Channel crossings and dismantle the people smuggling networks.

IFS appoints Kriti Sharma as CEO of Nexus Black

Aerospace Security

IFS appoints Kriti Sharma as CEO of Nexus Black

11 July 2025

IFS has appointed Kriti Sharma as CEO of IFS Nexus Black. This strategic move reinforces IFS’s commitment to industrial AI and fast-tracks the development of agentic AI systems designed for the asset- and service-intensive industries it serves.

Advertisement
ODU RT
Met makes arrest milestone using LFR

Security

Met makes arrest milestone using LFR

10 July 2025

More than 1,000 wanted criminals have now been arrested by the Metropolitan Police Service using Live Facial Recognition (LFR), including paedophiles, rapists and violent robbers.

NCA arrest four for cyber attacks on M&S, Co-op and Harrods

Security

NCA arrest four for cyber attacks on M&S, Co-op and Harrods

10 July 2025

Four people have been arrested in the UK this morning as part of a National Crime Agency (NCA) investigation into cyber attacks targeting M&S, Co-op and Harrods.

Advertisement
Teledyne