The Treasury Department on Friday imposed sanctions on a Beijing-based cybersecurity firm, accusing it of helping Chinese hackers infiltrate US communications systems and conduct surveillance on four continents.
In a statement, the department said the company, Integrity Technology Group, supported a Chinese state-sponsored hacking group known as Flax Typhoon in a campaign to break into foreign networks between the summer of 2022 and 2023, saying it discovered the group had “regularly sent and receives information from Integrity Tech infrastructure.”
The action followed the Ministry of Finance it was revealed in a letter to the representatives this week that a Chinese intelligence agency breached its systems in what appeared to be a spying operation, gaining access to government employee workstations and unclassified documents.
A spokesman for the ministry did not specify whether Flax Typhoon was involved in the attack on the Finance Ministry’s systems or whether the sanctions were just part of a larger operation to disrupt China’s cyber capabilities.
Sanctions also follow a much more damaging discovery last year that a group linked to Chinese intelligence agencies and known as Salt Typhoon hacked US telecommunications networks, targeting phone conversations and text messages a number of top political figuresincluding President-elect Donald J. Trump.
As A salty typhoonFlax Typhoon is among several groups that Microsoft has publicly identified allegedly linked to Chinese intelligence and responsible for a series of state-sponsored cyberattacks. The group has been active since 2021 and appears to be focused on targets in Taiwan and the United States, according to the Congressional Research Service.
“The Treasury Department will not hesitate to hold malicious cyber actors and their enablers accountable for their actions,” Bradley T. Smith, Acting Under Secretary of the Treasury, said in a statement. “The United States will use all available tools to disrupt these threats as we continue to work together to strengthen public and private sector cyber defenses.”
In September, the FBI he said brought down a network of 200,000 consumer devices in the United States and abroad that were compromised with malware and armed with Flax Typhoon.
The sanctions announced Friday generally prohibit financial institutions and individuals from transacting with Integrity Technology Group and freeze all of their assets in the United States.
It was not immediately clear what the Treasury Department breach may have accomplished, but the agency is an attractive target for state-sponsored hackers because of its Office of Foreign Assets Control, which is responsible for imposing sanctions and determining which individuals pose a threat to national security.
