SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Firewalls
#
IoT
#
ACSC

NZ cyber security agency joins global effort against PRC botnet

Yesterday
Author image
By Catherine Knowles, Journalist

The National Cyber Security Centre (NCSC) of New Zealand has joined forces with international partners to address the threat posed by a botnet network, attributed to cyber actors linked to the People's Republic of China (PRC).

This collaborative effort aims to mitigate the damage caused by the compromised nodes, which facilitate malicious cyber activities.

Acting Deputy Director-General of Cyber Security at the NCSC, Michael Jagusch, stated that the organisation, along with its partners, has released a joint cyber security advisory. This document aims to call out the harmful activities and provide essential advice to aid cyber defenders in identifying and mitigating the risks associated with the botnet's operation.

The international partners participating in this initiative include the Federal Bureau of Investigation (FBI), the United States Cyber National Mission Force (CNMF), the National Security Agency (NSA), the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), and the United Kingdom's National Cyber Security Centre (NCSC-UK).

According to Jagusch, the advisory outlines that cyber actors linked to the PRC have compromised various internet-connected devices. These include small office/home office (SOHO) routers, firewalls, network-attached storage (NAS), and internet of things (IoT) devices, aiming to create a botnet poised for malicious activities.

The advisory further identifies a PRC-based organisation, Integrity Technology Group, as the entity responsible for managing and controlling the botnet, which has been active since mid-2021.

"The botnet has regularly maintained between tens to hundreds of thousands of compromised devices. As of June 2024, the botnet consisted of over 260,000 devices," Jagusch said. He added that the compromised devices forming part of the botnet have been detected across North America, Europe, Africa, Southeast Asia, and Oceania, including New Zealand.

"The NCSC and partners are releasing this advisory to highlight the threat posed by these actors and their botnet activity and to encourage exposed device vendors, owners, and operators to update and secure their devices from being compromised and joining the botnet," he asserted.

Jagusch also mentioned that cybersecurity companies could use the information provided in the advisory to help identify malicious activities and reduce the number of devices incorporated into botnets globally.

"Our NCSC works extensively with New Zealand organisations, the cyber security industry, and international partners to identify and mitigate cyber threats facing New Zealand organisations and individuals. It deploys a range of cyber security capabilities including Malware Free Networks and the Phishing Disruption Service to share cyber threat intelligence to help protect New Zealanders from a range of threats," he concluded.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Nebula & Verkada unite for global security & sustainability
Cybercriminals exploit content platforms for phishing attacks
ColorTokens acquires PureID to enhance Xshield capabilities
Sophos report reveals education sector's ransomware battle
Content platforms exploited for phishing attacks, warns Barracuda
Top stories
Crowdstrike unveils major Falcon Platform updates to streamline IT departments
Tenable launches advanced solution for highly secure systems
Veeam names Niraj Tolia new CTO after acquiring Alcion
Sectigo launches pkimetal to streamline certificate linting
Selling ransomware breaches: Four trends spotted on the RAMP forum