Saturday, November 16, 2024

Your headquarters may have helped China attack U.S. critical infrastructure

This is an unintended consequence of the home office boom.

Federal investigators say they have dismantled a vast network of compromised home office routers used by Chinese hackers to support attacks on U.S. critical infrastructure.

Justice Department officials announced Wednesday that they have completed a court-authorized sweep of hundreds of home and small office routers across the country infected with a malicious program known as the “KV Botnet.”

Computer security experts identified the malware last year as part of an operation called “Volt Typhoon” launched by Chinese state-sponsored hackers to target U.S. infrastructure systems.

Investigators said the hackers used compromised routers to evade detection through a technique known as “living off the land,” which involves blending in with normal computer system and network activity.

Experts say this type of botnet is often difficult to detect because it typically does not interfere with the normal operation of the device. Corporate systems tend to be less susceptible as companies usually employ their IT technicians to monitor for such intrusions.

According to prosecutors, most of the infected routers were manufactured by Cisco Systems (CSCO) and Netgear Co., Ltd. (NTGR), and the companies no longer support them with security patch updates.

The Justice Department said in a statement that the court-approved operations automatically removed malware from infected routers or blocked communication with the devices used to control them.

Federal Bureau of Investigation Director Christopher Wray said, “Chinese hackers are targeting critical U.S. civilian infrastructure, with proactive intent to cause real-world harm to U.S. citizens and communities in the event of conflict.” “Volt Typhoon’s malware allowed China to hide and target our nation’s communications, energy, transportation, and water sectors.”

Liu Pengyu, a spokesperson for the Chinese embassy in Washington, D.C., said Beijing “has firmly opposed hacking attacks and misuse of information technology.”

“The United States has the most powerful cyber technology of any country, but it uses such technology more for hacking and eavesdropping than any other country. I ask them to stop their irresponsible criticism of other countries.”

U.S. officials said the operation did not disrupt the functionality of the hacked routers or collect any information from them. Anyone whose equipment was affected will be notified by the FBI.


