US Treasury Sanctions Chinese Cybersecurity Firm for State-Sponsored Hacking

Listen to this Post

2025-01-03

:

The United States Treasury Department has imposed sanctions on Integrity Tech, a Beijing-based cybersecurity company, for its involvement in cyberattacks conducted by the Chinese state-sponsored hacking group known as Flax Typhoon. This action follows a series of recent cyber incidents involving Chinese actors, including the hacking of the Treasury Department itself and a wave of breaches targeting major US telecommunications companies.

:

Flax Typhoon’s Activities: The Treasury Department’s Office of Foreign Assets Control (OFAC) revealed that Flax Typhoon utilized Integrity Tech’s infrastructure to launch cyberattacks against targets in Europe and the United States for over a year, beginning in the summer of 2022. These attacks involved the use of virtual private networks and remote desktop protocols to gain unauthorized access to victim networks.
Raptor Train Botnet: In September 2024, a court-authorized operation disrupted “Raptor Train,” a massive botnet controlled by Integrity Tech. This botnet, comprising hundreds of thousands of infected devices worldwide, was used by Flax Typhoon to launch DDoS attacks and conduct stealthy cyberespionage operations against critical infrastructure sectors in the US and Taiwan, including military, government, and telecommunications.

Integrity

Impact of Sanctions: The sanctions prohibit US organizations and citizens from conducting any transactions with Integrity Tech. Any assets within the US associated with the company will be frozen, and US financial institutions and foreign entities engaging in transactions with them may face penalties.
Recent Chinese Cyberattacks: This action comes amidst a series of high-profile cyberattacks attributed to Chinese state-sponsored actors. These include the recent hacking of the Treasury Department’s OFAC, which likely aimed to gather intelligence on future sanctions targeting Chinese entities, and a wave of breaches impacting major US telecommunications companies conducted by another Chinese hacking group, Salt Typhoon.

What Undercode Says:

This move by the US Treasury Department underscores the escalating cyber threat posed by Chinese state-sponsored actors. The sanctions against Integrity Tech send a strong message that the US will not tolerate the use of private companies as proxies for malicious cyber activities.

The involvement of a major cybersecurity firm like Integrity Tech in these attacks highlights the blurring lines between legitimate cybersecurity services and offensive cyber operations. While legitimate cybersecurity companies play a crucial role in defending against cyber threats, some may be exploited or co-opted by state actors for malicious purposes.

This incident also raises concerns about the potential for Chinese government influence within the global cybersecurity industry. The close ties between Integrity Tech and the Chinese government suggest that the company may have been subject to government direction or even compelled to assist in these cyberattacks.

The recent spate of high-profile cyberattacks attributed to Chinese actors underscores the need for a more robust and coordinated international response to this growing threat. This may include increased information sharing and collaboration between countries, the development of international norms of responsible state behavior in cyberspace, and the imposition of stronger deterrents against malicious cyber activities.

Furthermore, this incident highlights the critical need for increased cybersecurity measures within the US government and across critical infrastructure sectors. This includes strengthening defenses against cyberattacks, improving threat intelligence sharing, and investing in advanced cybersecurity technologies and personnel.

The ongoing cyber conflict between the US and China is likely to intensify in the coming years. This incident serves as a stark reminder of the serious challenges posed by state-sponsored cyber threats and the importance of proactive measures to mitigate these risks.

References:

Reported By: Bleepingcomputer.com
https://www.linkedin.com
Wikipedia: https://www.wikipedia.org
Undercode AI: https://ai.undercodetesting.com

Image Source:

OpenAI: https://craiyon.com
Undercode AI DI v2: https://ai.undercode.helpFeatured Image