The U.S. Treasury Department has imposed sanctions on a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged involvement in recent hacks targeting the federal agency. The sanctions are part of the Biden administration’s efforts to combat malicious cyber activity by Chinese threat actors. The Treasury’s Office of Foreign Assets Control (OFAC) targeted Yin Kecheng, a cyber actor affiliated with China’s Ministry of State Security (MSS), for his association with the recent compromise of the Treasury’s IT systems.
The incident, attributed to a nation-state group named Silk Typhoon, involved infiltrating Remote Support SaaS instances through a compromised API key. According to reports, the attackers compromised hundreds of Treasury computers, stole thousands of files, and accessed systems used by high-ranking officials, including Secretary Janet Yellen and Deputy Secretary Adewale Adeyemo.
Sanctions target Chinese cyber threat
The sanctions also targeted Sichuan Juxinhe Network Technology Co., LTD., a Sichuan-based cybersecurity company, for its alleged involvement in cyber attacks on major U.S. telecommunication and internet service provider companies. The Treasury stated that the MSS had maintained strong ties with multiple computer network exploitation companies, including Sichuan Juxinhe.
Deputy Secretary Adewale Adeyemo emphasized the Treasury Department’s commitment to holding malicious cyber actors accountable, stating, “The Treasury Department will continue to use its authorities to hold responsible malicious cyber actors who target the American people, our companies, and the United States government, including those who have targeted the Treasury Department specifically.
The attacks on U.S. telecom service providers have prompted the Federal Communications Commission (FCC) to consider implementing new rules requiring companies in the sector to secure their networks from unlawful access or interception of communications.
FCC chairwoman Jessica Rosenworcel described the hacks as “one of the largest intelligence compromises ever seen.”
Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), highlighted the severity of the threat posed by China’s cyber program, stating, “China’s sophisticated and well-resourced cyber program represents the most serious and significant cyber threat to our nation, particularly our critical infrastructure.
The Department of State’s Rewards for Justice program is offering a reward of up to $10 million for information leading to identifying or locating individuals engaging in malicious cyber activities against U.S. critical infrastructure at the direction of a foreign state-sponsored adversary. These sanctions are part of the Treasury’s ongoing efforts to combat malicious cyber activity by Chinese threat actors and follow previous sanctions on other companies linked to Chinese espionage.