The U.S. Treasury Department announced sanctions on Friday against Integrity Technology Group, a Beijing-based cybersecurity company accused of supporting state-sponsored cyberattacks conducted by the Chinese hacking group Flax Typhoon. The firm allegedly aided these cyber actors in infiltrating U.S. communications systems and conducting espionage operations across four continents, raising significant national security concerns.
In a statement, the Treasury Department revealed that Integrity Technology Group had provided critical infrastructure to Flax Typhoon, enabling the group to carry out cyberattacks between mid-2022 and 2023. Investigations showed that Flax Typhoon routinely sent and received data via Integrity Tech’s infrastructure while breaching foreign networks. As a result of the sanctions, U.S. financial institutions and individuals are barred from engaging in transactions with Integrity Technology Group, and any of the company’s assets in the United States have been frozen.
Broader Cybersecurity Threats
This action follows a series of alarming developments highlighting the persistent cyberthreat posed by Chinese state-sponsored groups. Earlier this week, the Treasury Department disclosed to lawmakers that a Chinese intelligence agency had breached its systems through a compromised third-party cybersecurity provider. This intrusion allowed unauthorized access to workstations and unclassified documents. However, the department has not confirmed whether Flax Typhoon was directly involved in this particular breach.
In a similar vein, another Chinese cyber group, Salt Typhoon, was previously linked to an attack on U.S. telecommunications networks. That attack, which occurred last year, targeted the telephone conversations and text messages of political figures, including President-elect Donald J. Trump.
Microsoft and other cybersecurity firms have identified both Flax Typhoon and Salt Typhoon as groups associated with Chinese intelligence agencies. Active since at least 2021, Flax Typhoon has targeted a wide range of industries and critical infrastructure sectors in the United States, Taiwan, and other regions. Exploiting publicly known software vulnerabilities, the group uses virtual private network (VPN) software and remote desktop protocols to gain and maintain access to victims’ networks.
Global Impact
Flax Typhoon’s operations have extended far beyond the United States, with targets identified in North America, Europe, Africa, and Asia. The group’s campaigns between summer 2022 and fall 2023 included attacks on several entities in the U.S. and Europe. In one instance, Flax Typhoon compromised multiple servers and workstations at a California-based company, using legitimate remote access software to establish persistent control over the victim’s network.
The Treasury Department’s sanctions are part of a broader effort to disrupt these cyberthreats and hold malicious actors accountable. “The United States will use all available tools to disrupt these threats as we continue working collaboratively to harden public and private sector cyber-defenses,” said Bradley T. Smith, Acting Under Secretary of the Treasury.
Strengthening Cyber Defenses
The Office of the Director of National Intelligence’s Annual Threat Assessment has consistently highlighted Chinese cyber actors as one of the most active and persistent threats to U.S. national security. Groups like Flax Typhoon have demonstrated the capacity to exploit vulnerabilities and operate undetected for extended periods, posing significant challenges for cybersecurity professionals.
By imposing these sanctions, the Treasury Department aims to curb the resources available to Chinese cyber actors and their enablers. This action underscores the urgency of strengthening defenses across both public and private sectors to mitigate the risk of future attacks.
Manbilas Singh is a talented writer and journalist who focuses on the finer details in every story and values integrity above everything. A self-proclaimed sleuth, he strives to expose the fine print behind seemingly mundane activities and aims to uncover the truth that is hidden from the general public. In his time away from work, he is a music aficionado and a nerd who revels in video & board games, books and Formula 1.
Comments