Trump has begun another trade war. Here's a timeline of how we got here
Canada's leader laments lost friendship with US in town that sheltered stranded Americans after 9/11
Chinese EV giant BYD's fourth-quarter profit leaps 73%
You're an American in another land? Prepare to talk about the why and how of Trump 2.0
Chalk talk: Star power, top teams and No. 5 seeds headline the women's March Madness Sweet 16
Purdue returns to Sweet 16 with 76-62 win over McNeese in March Madness
(CNN) โ The FBI has used a court order to seize control of a network of hundreds of thousands of hacked internet routers and other devices that Chinese government-linked hackers were using to threaten critical infrastructure in the US and overseas, FBI Director Christopher Wray said Wednesday.
โIt is just one round in a much longer fight,โ Wray said in a speech at the Aspen Cyber Summit in Washington, DC. โThe Chinese government is going to continue to target your organizations and our critical infrastructure.โ
The massive web of hacked devices โ known as a botnet โ was a menace that the Chinese hackers could have used to conduct targeted cyberattacks on US companies or government agencies, according to an advisory released by the US and its โFive Eyesโ allies (the English-speaking alliance that includes Australia, Canada, New Zealand and the United Kingdom). As of June, the botnet included over 260,000 hacked devices from all over the world, from North and South America to Australia, according to US officials. Those hacked devices ranged from webcams to DVRs to routers, and about half of them were located in the US, according to Wray.
A spokesperson for the Chinese Embassy in Washington called the US allegations โgroundlessโ and accused the US government of conducting cyberattacks against China.
Itโs the latest tit-for-tat in the often-tense relations between US and China in cyberspace. The US government has long warned that another Chinese government-backed hacking group has been lurking in US transportation and communication networks, waiting to use that access to disrupt any US response to a potential Chinese invasion of Taiwan.
That Chinese hacking unit is preparing to โwreak havoc and cause real-world harmโ to the US, Wray told Congress in January.
A tool of choice
The botnet targeted by the FBI and its allies on Wednesday was an active menace, Wray said in his speech.
The botnet caused โan all-hands-on deck cybersecurity incidentโ for one unnamed California-based organization, causing โsignificant financial loss,โ the FBI director said.
But Wednesdayโs takedown was more about what the botnet could have done than what it did. The army of zombie computers has been a quiet and looming threat to US government networks for many months, according to experts. In late December 2023, the botnetโs operators โconducted extensive scanning effortsโ of US military and other government agencies, according to US tech firm Lumen Technologies, which investigated the activity.
Botnets are a tool of choice for both cybercriminals and state-backed hackers because users around the world are often unaware that their computers have been hijacked for scamming or espionage. The FBI said in February that it had helped disrupt a network of over 1,000 hacked internet routers that Russiaโs military intelligence agency was allegedly using for cyber espionage operations against the United States and its European allies.
The Chinese botnet targeted on Wednesday had an array of capabilities, including the ability to conducted tailored cyberattacks using the devices it had compromised, according to Lumen researchers.
Lumen researchers are watching for signs that the Chinese hackers will resurrect the botnet. But for now, โwe assess that the botnet has been taken offline due to a combination of law enforcement efforts and null routing as of September 18,โ Danny Adamitis, principle information security engineer at Lumenโs Black Lotus Labs threat intelligence division, told CNN.
Null routing is a process that internet technology providers can use to stop data from being sent to a specific IP address.
A Chinese company named Integrity Technology Group managed the botnet for the last three years, according to US officials. CNN has requested comment from the company.
The Chinese tech firm is โinvolved in many of Chinaโs most important programs and efforts to improve its hacking capabilities,โ Dakota Cary, a consultant at security firm SentinelOne who focuses on China, told CNN. โThe naming of the company is significant as it demonstrates allied governmentsโ visibility into Chinaโs operations, as well as enabling researchers to further investigate the company.โ
The-CNN-Wire
โข & ยฉ 2024 Cable News Network, Inc., a Warner Bros. Discovery Company. All rights reserved.
