HomeMalware & ThreatsUK and US Officials Issue Warning on Chinese Cyberthreat

UK and US Officials Issue Warning on Chinese Cyberthreat

Published on

spot_img

In a recent development, British and U.S. cyber officials have expressed concerns over the growing threat posed by Chinese-backed espionage and cyber disruption to global critical infrastructure. The officials highlighted that Beijing’s aggressive actions are aimed at gaining a competitive edge on the global stage.

During the National Cyber Security Center’s CyberUK conference in Birmingham, Anne Keast-Butler, the director of GCHQ, emphasized the significant risk that China’s actions pose to international norms and values. Keast-Butler described China’s behavior as coercive and destabilizing, undermining the security of the internet. She stated that responding to the scale and complexity of this challenge is the top priority for GCHQ, with a dedicated focus on China.

The warning from GCHQ comes on the heels of a recent disclosure by British Secretary of State for Defense Grant Shapps regarding a suspected Chinese hack on a U.K defense contractor, which exposed sensitive information of 270,000 individuals. This incident has raised concerns about the vulnerability of critical assets to cyber threats orchestrated by Chinese state actors.

In a separate development, U.S. federal prosecutors have indicted seven Chinese nationals accused of working for a front company used by APT31, a Chinese state-sponsored hacking group. This indictment underscores the evolving tactics employed by Chinese hackers, with a shift towards infiltrating critical infrastructure in the U.S. with the intent to disrupt operations in times of need.

Harry Coker, the U.S. national cyber director, highlighted China’s strategic focus on dominating global competition through cyber means. He emphasized the need for the U.S. and its allies to assert control over the digital domain and dictate terms to counter Chinese aggression effectively.

Securing critical infrastructure remains a persistent challenge, as noted by Heather Adkins, Google’s vice president of security engineering. Adkins cautioned against the industry’s continued reliance on outdated security measures like passwords and highlighted the vulnerabilities arising from memory safety flaws. She stressed the importance of transitioning away from password-based authentication, which has been in use since the 1960s, towards more robust security practices.

Overall, the warnings issued by British and U.S. officials underscore the pressing need for enhanced cybersecurity measures to safeguard critical infrastructure from evolving threats posed by state-sponsored actors like China. The ongoing efforts to counter these cyber threats require a collaborative approach involving government agencies, private sector entities, and international partners to mitigate risks and protect vital systems and services.

Source link

Latest articles

Adobe Addresses Critical Vulnerabilities in ColdFusion and Campaign Classic

Adobe Addresses Critical Vulnerabilities in ColdFusion and Campaign Classic Adobe Systems Incorporated has recently taken...

Microsoft Exchange SSRF Vulnerability Allows Low-Privileged Attackers to Access Arbitrary Files

A significant vulnerability in Microsoft Exchange Server, designated as CVE-2026-45504, has recently come to...

U.S. Government Entity Pays Kairos $1 Million in Data Theft Extortion Case

In a concerning development within the realm of cybersecurity, a U.S. governmental entity has...

Citrix Addresses NetScaler Vulnerabilities with New Patches – CyberMaterial

Citrix Urgently Addresses Vulnerabilities in NetScaler Products In a recent development, Citrix has moved to...

More like this

Adobe Addresses Critical Vulnerabilities in ColdFusion and Campaign Classic

Adobe Addresses Critical Vulnerabilities in ColdFusion and Campaign Classic Adobe Systems Incorporated has recently taken...

Microsoft Exchange SSRF Vulnerability Allows Low-Privileged Attackers to Access Arbitrary Files

A significant vulnerability in Microsoft Exchange Server, designated as CVE-2026-45504, has recently come to...

U.S. Government Entity Pays Kairos $1 Million in Data Theft Extortion Case

In a concerning development within the realm of cybersecurity, a U.S. governmental entity has...