The Cybersecurity and Infrastructure Security Agency and the U.K.’s National Cyber Security Centre have issued a joint advisory warning of covert networks of compromised devices linked to Chinese state-sponsored cyber actors.
What Does the CISA and NCSC Advisory Address?
The guidance, titled “Defending Against China-Nexus Covert Networks of Compromised Devices,” aims to help organizations defend against threat actors like Volt Typhoon and Flax Typhoon that exploit vulnerable devices to build hidden networks used in malicious cyber activity. The advisory details how botnets consisting of compromised network infrastructure, including routers, firewalls and network-attached storage, along with internet of things devices such as web cameras, video recorders and other smart equipment, are used to conceal the actors’ identities and to conduct espionage, intrusions and data theft.
“This advisory informs organizations of how these actors are strategically using numerous, evolving covert networks at scale for malicious cyber activity,” said CISA Acting Director Nick Andersen.
What Does the Guidance Recommend?
CISA and its partners recommend that organizations identify and understand network edge devices and the assets connected to them, while establishing a baseline of normal network activity, particularly for VPNs and similar remote access services. The advisory also calls for maintaining log collection and storage capabilities to support detection and response efforts, along with implementing multifactor authentication to better secure remote connections.
“CISA strongly encourages organizations to review and implement appropriate mitigation measures to defend their devices from this threat. Every day, CISA works to empower organizations with actionable information to strengthen their security and resilience against cyber threats,” Andersen said.

