The U.S. Department of the Treasury has taken decisive action against a Chinese cybersecurity company accused of aiding state-sponsored cyberattacks against American targets. The Office of Foreign Assets Control (OFAC) has sanctioned Integrity Technology Group, Incorporated (Integrity Tech), based in Beijing, for its role in facilitating malicious cyber activities attributed to Flax Typhoon, a Chinese state-sponsored cyber group.
Flax Typhoon has been active since at least 2021, primarily targeting organizations within U.S. critical infrastructure sectors. The group has been observed compromising computer networks across North America, Europe, Africa, and Asia, with a particular focus on Taiwan. Their tactics involve exploiting known vulnerabilities and utilizing legitimate remote access software to gain and maintain persistent access to victims’ networks.
As stated in the press release, “Between summer 2022 and fall 2023, Flax Typhoon actors accessed several hosts associated with U.S. and European entities.” This included compromising multiple servers and workstations at a California-based entity.
The Treasury Department alleges that Integrity Tech provided infrastructure and support to Flax Typhoon during its malicious cyber operations. The press release notes that “Between summer 2022 and fall 2023, Flax Typhoon actors used infrastructure tied to Integrity Tech during their computer network exploitation activities against multiple victims.”
As a result of these sanctions, all property and interests in property of Integrity Tech within U.S. jurisdiction are blocked. U.S. persons are generally prohibited from engaging in transactions with the sanctioned entity. Financial institutions and other entities that conduct business with Integrity Tech may also face sanctions or enforcement actions.
This action underscores the U.S. government’s commitment to holding malicious cyber actors and their enablers accountable. Acting Under Secretary of the Treasury for Terrorism and Financial Intelligence Bradley T. Smith emphasized this resolve, stating, “The Treasury Department will not hesitate to hold malicious cyber actors and their enablers accountable for their actions. The United States will use all available tools to disrupt these threats as we continue working collaboratively to harden public and private sector cyber defenses.”
Related Posts:
- Flax Typhoon Botnet Exploits 66 Vulnerabilities: A Global Threat to Critical Infrastructure
- The US announces sanctions against Russian individuals and companies tied to worldwide hacking
- Treasury Department Hit by Major Cybersecurity Incident, China Suspected
- FCC Takes Action to Strengthen Cybersecurity in Response to Salt Typhoon Cyberattack
- A report says Iran may launch cyber attacks against sanctions
