US sanctions Chinese cybersecurity firm for ‘malicious’ activities

WASHINGTON — The United States slapped sanctions on a Chinese cybersecurity company and one of its employees Tuesday, accusing it of compromising more than 80,000 firewalls in a 2020 attack.

The U.S. Treasury Department said in a statement that it had sanctioned Sichuan Silence Information Technology Company and an employee named Guan Tianfeng over the April 2020 attack, which targeted firewalls around the world, including critical infrastructure in the U.S.

Over a three-day period, Guan exploited a vulnerability in a firewall product and proceeded to deploy malware against some 81,000 businesses around the world with the aim of stealing data, including usernames and passwords, while also attempting to infect the computers with ransomware, according to the Treasury Department.

More than 23,000 firewalls were in the United States, of which 36 were protecting “critical infrastructure companies’ systems,” the Treasury said.

“Today’s action underscores our commitment to exposing these malicious cyber activities … and to holding the actors behind them accountable for their schemes,” Bradley Smith, Treasury acting undersecretary for terrorism and financial intelligence, said in a statement.

The Treasury, he said, “will continue to leverage our tools to disrupt attempts by malicious cyber actors to undermine our critical infrastructure.”

Alongside the sanctions, the Department of Justice has also unsealed an indictment against Guan and announced a reward of up to $10 million for information about the employee or company, according to the Treasury Department.

write a comment: