UK condemns Chinese cyber attacks against governments and businesses

Thursday 17 Sep 2020 @ 13:43
National Cyber Security Centre

The UK yesterday joined international allies to call out malicious cyber activity carried out by China.

Image of an antivirus alert on a desktop computer

Criminal charges against Chinese nationals and arrests of Malaysian nationals have been announced by the US Department of Justice (DoJ) following a campaign of attacks targeting governments and businesses.

The Foreign Secretary, Dominic Raab, yesterday said:

“Today we have another example of the Chinese using malicious cyber activity for criminal ends. We condemn the attempted attacks against governments and businesses. This kind of opportunistic and reckless behaviour in cyberspace is wholly unacceptable.

“The UK will continue to counter those conducting such cyber attacks, and work with our allies to hold perpetrators to account.”

A variety of mitigations that would help to defend against the threats outlined in the indictment are available on the NCSC website, including advice on how to;

Use multi-factor authentication (MFA) or two-factor authentication (2FA) to reduce the impact of password compromises
Protect your devices and networks by keeping them up to date. Use the latest supported versions, apply security patches promptly, use antivirus and scan regularly to guard against known malware threats.
Protect the management interfaces of your critical operational systems. In particular, use browse down architecture to prevent attackers easily gaining privileged access to your most vital assets.
Set up a security monitoring capability so you are collecting the data that will be needed to analyse network intrusions.
Review and refresh your incident management processes
Restrict intruders' ability to move freely around your systems and networks. Pay particular attention to potentially vulnerable entry points eg third-party systems with onward access to your core network. During an incident, disable remote access from third-party systems until you are sure they are clean.
Adding applications to your 'allow list'. If supported by your operating environment, consider putting permitted applications onto your 'allow list'. This will help prevent malicious applications from running.
Use antivirus. Keep any antivirus software up to date, and consider use of a cloud-backed antivirus product. These provide better threat intelligence and more advanced analysis. Ensure that it is also capable of scanning MS Office macros.
Further information on mitigating malware: Invest in preventing malware-based attacks across various scenarios.

Channel website: https://www.ncsc.gov.uk/

Original article link: https://www.ncsc.gov.uk/news/uk-condemns-chinese-cyber-attacks-against-businesses-governments

Share this article

Latest News from
National Cyber Security Centre

Keynote address to FT Cyber Resilience Summit 2025

04/12/2025 16:15:00

Security Minister Dan Jarvis's speech given yesterday at 22 Bishopsgate on the government's action to tackle cybercrime.

Bargain hunters urged to stay alert to cyber scams ahead of holiday shopping season

17/11/2025 11:15:00

The latest Stop! Think Fraud campaign provides practical advice to help individuals stay secure online

NCSC statement: Incident impacting Jaguar Land Rover

05/09/2025 15:20:00

Statement from the NCSC regarding the cyber incident affecting Jaguar Land Rover.

UK and allies expose China-based technology companies for enabling global cyber campaign against critical networks

28/08/2025 11:05:00

The NCSC and international partners share technical details of malicious activities and urge organisations to take mitigative actions.

Prison for fugitive heroin smuggler who used encrypted phone to hide his identity

28/07/2025 16:15:00

A heroin trafficker caught after going on the run from the National Crime Agency (NCA) has been jailed for 12 years and seven months.

UK to lead crackdown on cyber criminals with ransomware measures

23/07/2025 09:15:00

Measures to tackle the threat of ransomware and protect businesses and critical services will be taken forward with industry following public consultation.

New assurance initiatives to help boost confidence in cyber resilience

09/05/2025 10:25:00

Two initiatives designed to raise national cyber resilience announced at the NCSC's CYBERUK 2025 conference.

Preparing for post-quantum threat will make "fixing the Millennium Bug look easy"

08/05/2025 13:15:00

NCSC's CTO urges organisations to recognise “decade-long, national-scale technology change” required to prepare for the post-quantum threat.

UK pioneering global move away from passwords

08/05/2025 12:15:00

Government to roll out passkey technology across digital services as an alternative to SMS-based verification.

WIREDGOV