The National Security Agency has issued a cybersecurity advisory, or CSA, on China-linked threat actors who hacked into internet-connected devices to create a botnet and execute malicious online activity.
The CSA was published in coordination with the FBI, the U.S. Cyber Command’s Cyber National Mission Force and international allies, NSA said Wednesday.
The cyber alert outlined the threats posed by the hackers and their botnet, a network of compromised nodes used for illicit cyber operations.
“The advisory provides new and timely insight into the botnet infrastructure, the countries where compromised devices are located, and mitigations for securing devices and eliminating this threat,” NSA Cybersecurity Director Dave Luber said in a statement.
According to the advisory, the botnet has more than 260,000 compromised devices in North America, Europe, Africa and Southeast Asia as of June.
The hacked devices include small home and office routers, firewalls, network-attached storage and Internet of Things gadgets.
From these devices, the threat actors build a botnet to hide their online activity, launch distributed denial of service attacks or breach U.S. networks.
To ensure they are protected, the CSA authors called on device vendors, owners and operators to immediately update and secure their equipment.
The advisory also encouraged national security systems, defense agencies and defense industrial base networks to mitigate the cyberthreats by regularly applying patches, disabling unused services and ports, and replacing default passwords with strong passwords.
