America Imposes Sanctions on a Chinese-Linked Cyber Hacking Group

The United States imposed sanctions today (Friday) on a cyber hacking group based in Beijing with ties to the Chinese government, accusing it of targeting the U.S. government’s “sensitive” infrastructure.

The U.S. Treasury Department stated that it sanctioned Integrity Technology Group for its role in multiple cyberattacks since 2021 against U.S. entities, most of which belong to “critical infrastructure sectors.”

State Department spokesperson Matthew Miller declared that Integrity Tech was a “major contractor for the People’s Republic of China government and had connections to the Ministry of State Security.”

Miller added that hackers working for the Chinese company, known in the private sector as Flax Typhoon, were “acting under the direction of the People’s Republic of China government, targeting critical infrastructure in the United States and beyond.”

Bradley Smith, Acting Deputy Secretary of the Treasury for Terrorism and Financial Intelligence, stated, “The Treasury Department will not hesitate to hold hackers and their sponsors accountable for their actions.”

On Monday, the Treasury Department revealed in a letter to Congress, seen by Agence France-Presse, that it had been subjected to a China-backed cyberattack in early December. However, the attack did not lead to the disclosure of classified data.

The attack, according to the letter, involved several workstations and non-classified documents in the Treasury Department via a breach of a security program developed by a private company called BeyondTrust. The attack was carried out, based on available indicators, by an entity financially supported by China.

In its statement on Friday, the Treasury Department said “malicious Chinese actors” were responsible for the “recent targeting of the Treasury Department’s IT infrastructure.” However, it did not accuse Integrity Tech of being behind the attack.