Infra
US sanctions Beijing cyber group over critical infrastructure hacks
The U.S. Treasury Department has sanctioned a Beijing-based cybersecurity company for its alleged involvement in multiple hacking incidents targeting critical U.S. infrastructure.
The sanctions, announced Friday by the Treasury’s Office of Foreign Assets Control, cite Integrity Technology Group in a series of attacks attributed to Flax Typhoon, a state-sponsored hacking campaign allegedly linked to the Chinese government.
Why It Matters
These sanctions are the latest in escalating tensions between the U.S. and China over cybersecurity and technological dominance.
Integrity Technology Group now faces restrictions that block access to U.S. assets and financial systems. The sanctions block access to U.S. property and bank accounts and prevent the targeted people and companies from doing business with Americans.
What To Know
Court documents accuse Integrity Technology Group in the infection of numerous types of consumer devices, including small-office/home-office (SOHO) routers, internet protocol (IP) cameras, digital video recorders (DVRs) and network-attached storage (NAS) devices.
Malware connected over 200,000 of these devices to a botnet, controlled by Integrity, used to conduct “malicious cyber activity” under the guise of routine internet traffic, according to the court documents.
The sanctions come as the U.S. strengthens its response to state-sponsored cyber threats, particularly from China. These actions are part of a wider “tech war” between the two nations.
Escalations to the U.S.-China ‘Tech War’
The incident adds to a growing list of allegations against Chinese state-linked cyber campaigns, including the Salt Typhoon campaign, which reportedly accessed the texts and phone conversations of an unknown number of U.S. citizens through targeting telecom firms AT&T and Verizon.
Reports also came in earlier this week of a breach involving Chinese hackers gaining remote access to several U.S. Treasury Department systems on December 8, although Treasury officials have clarified that Friday’s sanctions are not related to that incident. Instead, they are part of a broader effort to address what U.S. officials describe as ongoing cyber threats from Beijing.
Congress is also looking to ban imports of China-made drones. In retaliation, Beijing has imposed its own trade restrictions, including bans on exporting critical materials essential for manufacturing advanced technologies, such as smartphones.
U.S. policymakers are revising bilateral agreements and trade policies to limit Beijing’s access to sensitive technologies. For instance, the U.S. recently updated a decades-old science and technology pact with China, narrowing its scope to exclude critical areas like artificial intelligence and quantum computing.
What People Are Saying
Bradley Smith, Treasury acting undersecretary, said: The U.S. will disrupt cyber threats “as we continue working collaboratively to harden public and private sector cyber defenses.”
U.S. Attorney Eric G. Olshan for the Western District of Pennsylvania (in September when the investigation was revealed by the FBI): “The targeted hacking of hundreds of thousands of innocent victims in the United States and around the world shows the breadth and aggressiveness of PRC state-sponsored hackers […] We will continue to work with our partners inside and outside government, using every tool at our disposal, to defend and maintain global cybersecurity.”
A statement from the Treasury Department said: “Flax Typhoon is a state-sponsored Chinese malicious cyber group that has been active since at least 2021, targeting organizations within U.S. critical infrastructure sectors […] Flax Typhoon exploits publicly known vulnerabilities to gain initial access to victims’ computers and then leverages legitimate remote access software to maintain persistent control over their network.”
What Happens Next
The sanctions against Integrity Technology Group may lead to further scrutiny of Chinese companies accused of supporting state-sponsored cyber campaigns. U.S.-China relations remain tense, and it will be up to President-elect Donald Trump‘s second administration to act following his inauguration on January 20. Analysts predict that these sanctions could provoke retaliatory measures from Beijing, feeding into the “tech war” once more.
This article includes reporting from the Associated Press.