
US and Canada Warn of Chinese-Linked Hackers Using Back-Door Malware for Potential Sabotage

GeokHub
Contributing Writer
WASHINGTON / OTTAWA, Dec 4 (GeokHub) - US and Canadian cybersecurity agencies have issued an alert: hackers with alleged links to China used a sophisticated malware back-door to infiltrate and maintain long-term access to certain government and IT-sector networks. The agencies say the operation could enable future disruption — or even sabotage — if access is used maliciously.
The malware, dubbed “Brickstorm,” reportedly allows attackers to steal credentials, compromise systems, and remain embedded inside networks for extended periods — giving them time to stealthily manoeuvre and possibly strike when it suits them. In at least one case, the hackers maintained access from April 2024 through September 2025. Among the targets: virtual-machine infrastructure components used by multiple organisations, according to the advisory from US and Canadian authorities.
Officials warn that this type of intrusion — particularly when it involves critical infrastructure or government data — represents a serious national-security risk. As a precaution, affected organisations are being urged to patch systems immediately, tighten access controls, and audit for signs of persistent threat or unauthorised access.
The notice underscores growing concerns over state-linked cyber operations: what began as digital espionage may increasingly become a tool for disruption or sabotage, especially as geopolitical tensions intensify and IT infrastructure becomes more globally interconnected.