FBI disrupts chinese botnet targeting critical infrastructure
The FBI has dealt a significant blow to a major Chinese-linked hacking operation, seizing control of a vast network of hacked devices used to threaten critical infrastructure both in the U.S. and globally.
The FBI has dealt a significant blow to a major Chinese-linked hacking operation, seizing control of a vast network of hacked devices used to threaten critical infrastructure both in the U.S. and globally.
FBI Director Christopher Wray revealed on Wednesday that the operation, involving hundreds of thousands of compromised internet routers, webcams, and other devices, was aimed at conducting potential cyberattacks on U.S. companies and government agencies.
“It is just one round in a much longer fight,” Wray said during a speech at the Aspen Cyber Summit in Washington, DC. “The Chinese government is going to continue to target your organizations and our critical infrastructure.”
Also Read: Lebanon reels as second wave of explosive device blasts Kills 20, wounds hundreds
The botnet, which spanned over 260,000 devices worldwide, was a major cyber threat. According to Wray, about half of these compromised devices were located in the U.S. The FBI’s action comes amid ongoing tensions between the U.S. and China over cyberspace, with U.S. officials warning of Chinese-backed hackers potentially disrupting U.S. responses to a hypothetical Chinese invasion of Taiwan.
The botnet’s disruption is seen as a preventive measure against potential cyberattacks that could have targeted U.S. networks. Wray highlighted an incident where the botnet led to a significant cybersecurity crisis for an unnamed organization in California, resulting in considerable financial loss.
The operation, involving a Chinese company named Integrity Technology Group, was reportedly managed over the past three years. The FBI and its allies have been monitoring the botnet’s activities, which included extensive scanning of U.S. military and government networks in late 2023.
Danny Adamitis of Lumen Technologies confirmed that the botnet has been taken offline, thanks to a combination of law enforcement actions and null routing, a technique used to block data from reaching specific IP addresses.
The Chinese Embassy in Washington has dismissed the allegations as “groundless” and countered that the U.S. is engaging in cyberattacks against China. The latest disruption underscores the ongoing cyber conflict between the two nations, with the U.S. government continuing to address the threat of state-sponsored hacking against its infrastructure.
Dakota Cary, a consultant at SentinelOne, emphasized the significance of naming Integrity Technology Group, noting it reflects the visibility of allied governments into China’s cyber operations and aids in further investigation.
As the FBI continues to address these cyber threats, the botnet’s takedown represents a crucial step in countering the persistent and evolving challenges in global cybersecurity.