Old devices, idle servers can be turned to spy on us, China’s top security agency warns

In continuing awareness campaign, Beijing’s Ministry of State Security says foreign agencies control disused equipment to gain state secrets

Reading Time:2 minutes

China’s Ministry of State Security urges Chinese to check, and if necessary decommission, idle equipment and unused ports in information systems to plug security gaps. Photo: Shutterstock Images

Published: 2:16pm, 11 Oct 2024Updated: 5:55pm, 11 Oct 2024

Foreign spy agencies have been using Chinese firms’ idle or discarded network devices, including servers and cameras, to launch cyberattacks and steal national secrets, the country’s top anti-espionage agency warned on Friday.

In a post on the Chinese messaging app WeChat, the Ministry of State Security said the tactic had become a trend in recent years.

In one case, a foreign spy agency had taken control of a Chinese firm’s server that remained in the company’s computer room even though it was no longer in use. The server was then used to launch a spy attack, the ministry said.

05:29

China executes scientist for spying in 2016, among 10 ‘shocking’ cases revealed in documentary

In another case, it said, a camera monitoring platform was attacked, with the names and passwords for many users’ cameras still on the platform’s server. The system had not been maintained or updated for a long time, leading to a high risk of data leaks, the article said.

The ministry said that if a spy agency took control of the platform, it could manipulate its cameras and use them to steal secrets. Meanwhile, network ports could also be controlled by overseas agencies to log on to servers and launch attacks.

The ministry cautioned that as China’s network equipment was upgraded, the risks from idle equipment also increased. Units with access to top secrets should better manage this equipment and better train staff to carry out periodic checks and prevent the risk of leaks.

Furthermore, idle equipment in information systems should be checked, ports no longer in use should be closed and any security loopholes plugged, the MSS said.