US sanctions Beijing-based cyber group for its alleged role in hacking incidents

The US Treasury on Friday sanctioned a Beijing-based cybersecurity company for its alleged role in multiple hacking incidents targeting critical US infrastructure. The Treasury’s Office of Foreign Assets Control hit Integrity Technology Group, Inc. with sanctions Friday morning, for conducting multiple hacks against US victims, including incidents attributed to Flax Typhoon, a Chinese state-sponsored campaign that targets US critical infrastructure.

The sanctions come a few days after Treasury reported that Chinese hackers remotely accessed several US Treasury Department workstations and unclassified documents in a major cybersecurity incident.

The Treasury Department said it learned of the problem on December 8, when a third-party software service provider, BeyondTrust, flagged that hackers had stolen a key “used by the vendor to secure a cloud-based service used to remotely provide technical support” to workers.

Friday’s sanctions do not appear to be related to the December 8 Treasury hack.

Treasury Acting Under Secretary Bradley Smith said the US will disrupt cyber threats “as we continue working collaboratively to harden public and private sector cyber defences”.

The sanctions block access to US property and bank accounts and prevent the targeted people and companies from doing business with Americans.

US officials are continuing to grapple with the fallout of a massive Chinese cyberespionage campaign known as Salt Typhoon that gave officials in Beijing access to private texts and phone conversations of an unknown number of Americans.