The Treasury Department on Friday imposed sanctions on a Beijing-based cybersecurity firm, blaming the company for helping Chinese hackers infiltrate U.S. communications systems and conduct surveillance on four continents.
In an announcement, the department said the company, Integrity Technology Group, had backed a Chinese state-sponsored hacking group known as Flax Typhoon in a campaign to break into foreign networks between the summer of 2022 and 2023, and said it found that the group “routinely sent and received information from Integrity Tech infrastructure.”
The action came after the Treasury Department revealed in a letter to lawmakers this week that a Chinese intelligence agency had breached its systems in what appeared to be a spying operation, gaining access to government employee workstations and unclassified documents.
A ministry spokesperson did not specify whether Flax Typhoon was involved in the attack on Treasury systems, or whether the sanctions were just part of a larger operation to disrupt China's cyber capabilities.
The sanctions also follow the far more damaging revelation last year that a group linked to Chinese intelligence services and known as Salt Typhoon had hacked US telecommunications networks, targeting the phone calls and text messages of a range of top political figures, including newly elected President Donald J Trump.
Like Salt Typhoon, Flax Typhoon is among a handful of groups that Microsoft has publicly identified as having ties to Chinese intelligence and responsible for a series of state-sponsored cyber attacks. The group has been active since 2021 and appears to be targeting targets in Taiwan and the United States, according to the Congressional Research Service.
“The Treasury Department will not hesitate to hold malicious cyber actors and their actors accountable for their actions,” Bradley T. Smith, acting assistant secretary of the Treasury Department, said in a statement. “The United States will use all available tools to overcome these threats as we continue to work together to strengthen public and private sector cyber defenses.”
In September, the FBI said it had taken down a network of 200,000 consumer devices in the United States and abroad that had been compromised with malware and weaponized by Flax Typhoon.
The sanctions announced Friday generally ban financial institutions and individuals from transacting with Integrity Technology Group and freeze all of its assets in the United States.
It was not immediately clear what the Treasury Department breach would have accomplished, but the agency presents an attractive target for state-sponsored hackers because of the Office of Foreign Assets Control, which is responsible for imposing sanctions and determining which individuals pose a threat. to national security.
