The United States government has imposed sanctions on Sichuan Juxinhe Network Technology, a Chinese organization with ties to the Salt Typhoon hacking group. This action comes after Salt Typhoon orchestrated the largest telecommunications hack in U.S. history, infiltrating the systems of at least nine U.S. telecom and internet providers. The breach, which occurred in late December, targeted senior government officials and political figures, accessing their private communications through a stolen private key from BeyondTrust, a cybersecurity company.
Salt Typhoon's infiltration extended to gaining remote access to certain workstations within the U.S. Treasury Department. In response, the Treasury's Office of Foreign Assets Control (OFAC) announced sanctions against Sichuan Juxinhe Network Technology, citing its direct connection to the China-backed hacking group. The hackers compromised various departments within the Treasury, including its sanctions office, and accessed systems used by law enforcement agencies for court-authorized data collection.
Additionally, OFAC sanctioned Yin Kecheng, a cyber actor based in Shanghai, for his involvement in the widespread hack. Yin Kecheng, affiliated with China's Ministry of State Security, has been active in cyber operations for over a decade. The Ministry is responsible for China's foreign intelligence collection, further linking the hack to state-sponsored activities. The breach allowed hackers to access sensitive data, including identities of Chinese targets under U.S. surveillance.
The U.S. government has previously taken action against Chinese cybersecurity firms linked to hacking activities. Earlier sanctions targeted another company linked to a group known as Flax Typhoon. These measures reflect an ongoing effort by U.S. authorities to combat cyber threats originating from foreign actors.
"The Treasury Department will continue to use its authorities to hold accountable malicious cyber actors who target the American people, our companies, and the United States government, including those who have targeted the Treasury Department specifically." – Adewale O. Adeyemo
This statement underscores the U.S.'s commitment to addressing cybersecurity threats affecting national security and privacy. The Treasury highlighted Integrity Technology Group's involvement in "multiple computer intrusion incidents against U.S. victims," which include critical infrastructure sectors.
Leave a Reply