Priya PatelTLDR:
- NSA and FBI warn of cyber hackers linked to PRC compromising routers and IoT devices for botnet operations
- Hackers have established a botnet with thousands of compromised devices for malicious activities
The National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) have issued a joint advisory warning about cyber actors linked to the People’s Republic of China (PRC) who have established a botnet using compromised routers, firewalls, and IoT devices for malicious activities. Integrity Technology Group, a company based in PRC, has been identified as controlling and managing this botnet since mid-2021. The botnet, known to reach over 260,000 devices by June, has been used for distributed denial-of-service (DDoS) attacks and compromising targeted U.S. networks.
Key Points:
- PRC-linked cyber hackers have established a botnet using compromised routers and IoT devices
- Integrity Technology Group controls and manages the botnet for malicious activities
Full Article:
The advisory provides insights into the infrastructure and tactics used by these cyber actors, encouraging organizations to update and secure their devices to prevent them from joining the botnet. Recommendations include disabling unused services, implementing network segmentation, monitoring network traffic, applying patches and updates, and replacing end-of-life equipment. Organizations are also advised to plan for device reboots and use technologies like data diodes for secure data flow.
