The US government has announced sanctions against a Chinese organization linked to Salt Typhoon, the hacking group responsible for the largest telecommunications hack in US history.
Office of Foreign Assets Control (OFAC) announced on Friday that it had sanctioned a China-based cybersecurity firm known as Sichuan Juxinhe Network Technology, which it says is directly linked to the Chinese-backed Salt Typhoon hacking group.
Salt Typhoon was recently recognized as having carried out the largest telecommunications hack in US history, having penetrated at least nine US telecommunications and internet providers, including AT&T and Verizon, to gain access to the private communications of senior US government officials and politicians.
Hackers also broke into systems used by law enforcement agencies for court-authorized collection of customer data, possibly accessing sensitive data such as identities of Chinese U.S. surveillance targets.
In its press release on Friday, OFAC said that Sichuan Zhuxinhe was “directly involved in the exploitation of these US telecommunications and Internet service companies.”
Treasury Department Hackers Sanctioned
OFAC also announced sanctions against Yin Kecheng, a Shanghai-based cyber firm that US officials say was responsible for the recent widespread hacking of the US Treasury Department.
The hack, which took place in late December, saw hackers use a private key stolen from BeyondTrust – a cybersecurity company that provides identity access technology to large organizations and government departments – to gain remote access to some of its employees’ workstations Ministry of Finance.
The cyber attack allowed hackers – another Chinese state-backed group known as Silk Typhoon – to target various departments of the US Treasury Department, including the sanctions office.
According to OFAC, Yin Kecheng has been a cyber actor for over a decade and is linked to China’s Ministry of State Security, an intelligence and security agency responsible for the country’s foreign intelligence collection.
US Treasury official Adewale O. Adeyemo said in a statement on Friday: “The Treasury Department will continue to use its authority to hold to account malicious cyber actors who target the American people, our companies, and the United States government, including those who have specifically targeted the Treasury Department.”
Earlier this month, the US government sanctioned another China-based cybersecurity firm for its alleged links to a government-backed hacking group known as Flax Typhoon. The Treasury Department said the company, Integrity Technology Group, had been involved in “multiple computer hacking incidents against US victims,” including critical US infrastructure.
