The Treasury Department sanctioned a Beijing-based cybersecurity firm on Friday, accusing it of helping Chinese hackers penetrate US communications systems and conduct surveillance on four continents.
In a statement, the department said the company, Integrity Technology Group, had supported a Chinese state-run hacking group known as Flax Typhoon in a campaign to hack into foreign networks between the summer of 2022 and 2023, saying it found the group had “ regularly sent and received information from Integrity Tech infrastructure.”
The action came after the Treasury Department disclosed in a letter to lawmakers this week that a Chinese intelligence agency had breached its systems in an espionage operation, gaining access to government employee workstations and unclassified documents.
A ministry spokesman did not specify whether Flax Typhoon was involved in the attack on Treasury systems or whether the sanctions were simply part of a broader operation to disrupt China’s cyber capability.
The sanctions also followed the far more damaging revelation last year that a group linked to Chinese intelligence known as Salt Typhoon had hacked into US telecommunications networks, targeting the phone conversations and text messages of a number of top politicians, including then-elect President Donald. J. Trump.
Like Salt Typhoon, Flax Typhoon is among a handful of groups Microsoft has publicly identified as linked to Chinese intelligence and responsible for a series of state-sponsored cyberattacks. The group has been active since 2021 and appears to be focused on targets in Taiwan and the United States, according to the Congressional Research Service.
“Treasury will not hesitate to hold malicious cyber actors and their potential actors accountable for their actions,” said Bradley T. Smith, deputy finance minister, in a statement. “The United States will use all available tools to disrupt these threats as we continue to work collectively to harden public and private sector cyber defenses.”
In September, the FBI said it had taken down a network of 200,000 consumer devices in the United States and abroad that had been compromised with malware and weaponized by Flax Typhoon.
The sanctions announced Friday generally bar financial institutions and individuals from doing business with Integrity Technology Group and freeze any of its assets in the United States.
It was not immediately clear what the Treasury Department breach may have accomplished, but the agency is an attractive target for government-sponsored hackers because of its Office of Foreign Assets Control, which is responsible for imposing sanctions and identifying individuals who pose a threat. in national security.
