Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Ellen Jennings-Trace

Five Eyes alliance seizes control of extensive spy tech network used by China

China's flag overlays laptop screen.

A network of devices has been seized by the western intelligence alliance, Five Eyes, taking control of a 260,000 device botnet. The network was reportedly in development since 2021, and was likely used to help Chinese actors breach critical infrastructure and government agencies in the US, Taiwan, and elsewhere.

The Five Eyes alliance, which is composed of the UK, US, Canada, Australia, and New Zealand, carried out the operation to dismantle the network. More than half of the devices were in the US, and consisted primarily of malware infected PCs and servers.

FBI Director Christopher Wray said that it was ‘all hands on deck’ when agents gained control of the network. The Chinese team then reportedly launched a DDoS strike to disrupt the Five Eyes efforts, but abandoned ship when it realized the efforts were futile, as they instead ‘burned down’ the infrastructure.

Just one round in the fight

It’s no secret that there have been tensions in the cyber security sphere between China and the US in recent years, and Wray confirms that whilst this was a successful operation, it is far from the end of Chinese efforts.

Despite this disruption, the risks remain prevalent from malicious actors who look to target western infrastructure. Efforts to stop Chinese cyberattacks have been officially named as the top priority for US security forces, and OPSWAT’s Eric Knapp confirms the vulnerabilities exposed by the operation,

“The recent advisory [PDF] from the NCSC highlights a clear supply chain risk—specifically how compromised hardware, often sourced from particular countries of origin, can be leveraged for nation-state cyber-espionage activities,” he said. “This is an example of how vulnerabilities in the supply chain can lead to widespread malicious activity such as DDoS attacks and anonymous malware delivery.”

Via The Register

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.