The U.S. government has announced sanctions against Chinese organizations linked to Salt Typhoon, the hacker group that carried out the largest communications hack in U.S. history.
The Treasury Department's Office of Foreign Assets Control (OFAC) on Friday sanctioned a China-based cybersecurity company known as Sichuan Jixinhe Network Technology for direct ties to the Chinese-backed hacking group Salt Typhoon. announced.
Salt Typhoon is said to have carried out the largest communications hack in U.S. history after infiltrating at least nine U.S. telecommunications and internet providers, including AT&T and Verizon, and accessing the private communications of U.S. government officials and politicians. Recently identified.
Hackers could also break into systems used by law enforcement agencies to collect court-sanctioned customer data, potentially gaining access to sensitive data such as the identities of Chinese nationals who are subject to U.S. surveillance. .
OFAC said in a press release Friday that Sichuan Giants was “directly involved in the exploitation of these U.S. telecommunications and internet service provider companies.”
Sanctions on Treasury hackers
OFAC also announced sanctions against Shanghai cyber attacker Ying Kecheng. U.S. officials claim this person is responsible for the recent massive hack of the U.S. Treasury Department.
In the hack, which occurred in late December, hackers used private keys stolen from BeyondTrust, a cybersecurity company that provides identity access technology to large organizations and government departments, to access the workstations of certain Treasury Department employees. Accessed remotely.
The cyberattack enabled hackers, another Chinese state-backed group known as Silk Typhoon, to target various departments within the U.S. Treasury Department, including the Office of Sanctions.
According to OFAC, Ying Kechen has been active as a cyber attacker for more than a decade and is affiliated with China's Ministry of State Security, the country's intelligence and security agency responsible for gathering foreign intelligence.
U.S. Treasury Department official Adewale O. Adeyemo said in a statement Friday. “The Treasury Department will continue to use its authorities to hold accountable malicious cyber actors who target Americans, our businesses, and the U.S. government.”
Earlier this month, the U.S. government sanctioned another China-based cybersecurity company over its ties to a government-backed hacking group known as Flax Typhoon. The Treasury Department said Integrity Technology Group was involved in “multiple computer intrusion incidents against U.S. victims” involving U.S. critical infrastructure.