The U.S. Treasury has taken action against a Beijing-based cybersecurity company, Integrity Technology Group, Inc., for its purported involvement in multiple hacking incidents targeting critical U.S. infrastructure. The Treasury's Office of Foreign Assets Control imposed sanctions on the company for conducting various hacks against U.S. victims, including those attributed to Flax Typhoon, a Chinese state-sponsored campaign that focuses on U.S. critical infrastructure.
These sanctions follow a recent cybersecurity breach where Chinese hackers remotely accessed several U.S. Treasury Department workstations and unclassified documents. The Treasury Department was alerted to this breach on December 8 by a third-party software service provider, BeyondTrust, which identified that hackers had stolen a key used to secure a cloud-based service for remote technical support.
It is important to note that the sanctions announced on Friday are not directly linked to the December 8 Treasury hack. Treasury Acting Under Secretary Bradley Smith emphasized the U.S.'s commitment to disrupting cyber threats and strengthening cyber defenses in both the public and private sectors.
The sanctions imposed block access to U.S. property and bank accounts and prohibit the targeted individuals and entities from engaging in business transactions with Americans. These measures are part of ongoing efforts by U.S. officials to address the repercussions of a significant Chinese cyberespionage campaign known as Salt Typhoon, which granted Beijing officials access to private communications of an undisclosed number of Americans.
