US sanctions Chinese cybersecurity firm for Treasury hack linked to Typhoon Silk

The US Treasury Department's Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor due to their alleged ties to the Salt Typhoon Group and the recent compromise of the federal agency.

“Malicious cyber actors linked to the People's Republic of China (PRC) continue to target U.S. government systems, including recent targeting of Treasury information technology (IT) systems, as well as U.S. critical infrastructure sensitive,” Treasury said in a press release.

The sanctions target Yin Kecheng, considered a cyber actor for more than a decade and affiliated with China's Ministry of State Security (MSS). Kecheng, according to Treasury, was linked to the breach of its own network that was revealed earlier this month.

The incident involved a hack of BeyondTrust's systems that allowed malicious actors to infiltrate some of the company's remote support SaaS instances using a compromised remote support SaaS API key. The activity was traced to a nation-state group named Silk Typhoon (formerly Hafnium), which was linked to the then-zero-day exploitation of multiple security vulnerabilities (aka ProxyLogon) in Microsoft Exchange Server in early 2021.

According to a recent Bloomberg report, the attackers allegedly burglarized as many as 400 computers belonging to the Treasury and stole more than 3,000 files, including policy and travel documents, organizational charts, documents on sanctions and foreign investments, as well as as legal documents. Application sensitive data.

They also gained unauthorized access to computers used by Secretary Janet Yellen, Assistant Secretary Adewale Adeyemo, and Acting Undersecretary Bradley T. Smith, as well as documents on investigations by the Committee on Foreign Investment in the United States, the report added.

Silk Typhoon is believed to overlap with a cluster tracked by Google-owned Mandiant under the moniker UNC5221, a China-linked espionage actor known for its extensive weaponization of Ivanti's zero-day vulnerabilities. The Hacker News has contacted Mandiant for further comment, and we will update the story if we receive a response.

The sanctions also target Sichuan Juxinhe Network Technology Co., LTD., a Sichuan-based cybersecurity company that Treasury said was directly involved in a series of cyberattacks targeting major U.S. telecommunications and internet service companies in the country.

The activity has been associated with another Chinese hacking group named Salt Typhoon (aka Earth Estries, FamousSparrow, GhostEmperor and UNC2286). The threat actor is estimated to have been active since at least 2019.

“The MSS has maintained close ties with several computer network operating companies, including Sichuan Juxinhe,” the Treasury said.

Additionally, the Department of State's Rewards for Justice program offers a reward of up to $10 million for information leading to the identification or location of anyone acting at the direction or control of a sponsored adversary. by a foreign state and engage in malicious cyber activity against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act.

“The Treasury Department will continue to use its authorities to hold accountable malicious cyber actors who target the American people, our businesses, and the United States Government, including those who have specifically targeted the Treasury Department,” a statement said. Adeyemo said in a statement.

Attacks on US telecommunications service providers have since prompted the Federal Communications Commission (FCC) to issue new rules requiring companies operating in the sector to secure their networks against illegal access or interception of communications. Outgoing FCC Chairwoman Jessica Rosenworcel described the hacks as “one of the largest intelligence compromises ever seen.”

“This action is accompanied by a proposal to require communications service providers to submit an annual certification to the FCC that they have created, maintained and implemented a cybersecurity risk management plan, that would strengthen communications against future cyberattacks,” the FCC said. .

Earlier this week, Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), said that “China's sophisticated and well-resourced cyber program represents the most serious and significant cyber threat for our country, and in particular for American critical infrastructure.”

Easterly also revealed that Salt Typhoon was first detected on federal networks, long before the cyberespionage group infiltrated the networks of AT&T, Lumen Technologies, T-Mobile, Verizon and other providers .

These designations are just the latest in a long list of actions Treasury has taken in an effort to combat malicious cyber activity by Chinese threat actors. Three other companies have already been sanctioned by the agency, Integrity Technology Group (Flax Typhoon), Sichuan Silence Information Technology (Pacific Rim) and Wuhan Xiaoruizhi Science and Technology Company (APT31).

Did you find this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we publish.

What Are The Main Benefits Of Comparing Car Insurance Quotes Online

LOS ANGELES, CA / ACCESSWIRE / June 24, 2020, / Compare-autoinsurance.Org has launched a new blog post that presents the main benefits of comparing multiple car insurance quotes. For more info and free online quotes, please visit https://compare-autoinsurance.Org/the-advantages-of-comparing-prices-with-car-insurance-quotes-online/ The modern society has numerous technological advantages. One important advantage is the speed at which information is sent and received. With the help of the internet, the shopping habits of many persons have drastically changed. The car insurance industry hasn't remained untouched by these changes. On the internet, drivers can compare insurance prices and find out which sellers have the best offers. View photos The advantages of comparing online car insurance quotes are the following: Online quotes can be obtained from anywhere and at any time. Unlike physical insurance agencies, websites don't have a specific schedule and they are available at any time. Drivers that have busy working schedules, can compare quotes from anywhere and at any time, even at midnight. Multiple choices. Almost all insurance providers, no matter if they are well-known brands or just local insurers, have an online presence. Online quotes will allow policyholders the chance to discover multiple insurance companies and check their prices. Drivers are no longer required to get quotes from just a few known insurance companies. Also, local and regional insurers can provide lower insurance rates for the same services. Accurate insurance estimates. Online quotes can only be accurate if the customers provide accurate and real info about their car models and driving history. Lying about past driving incidents can make the price estimates to be lower, but when dealing with an insurance company lying to them is useless. Usually, insurance companies will do research about a potential customer before granting him coverage. Online quotes can be sorted easily. Although drivers are recommended to not choose a policy just based on its price, drivers can easily sort quotes by insurance price. Using brokerage websites will allow drivers to get quotes from multiple insurers, thus making the comparison faster and easier. For additional info, money-saving tips, and free car insurance quotes, visit https://compare-autoinsurance.Org/ Compare-autoinsurance.Org is an online provider of life, home, health, and auto insurance quotes. This website is unique because it does not simply stick to one kind of insurance provider, but brings the clients the best deals from many different online insurance carriers. In this way, clients have access to offers from multiple carriers all in one place: this website. On this site, customers have access to quotes for insurance plans from various agencies, such as local or nationwide agencies, brand names insurance companies, etc. "Online quotes can easily help drivers obtain better car insurance deals. All they have to do is to complete an online form with accurate and real info, then compare prices", said Russell Rabichev, Marketing Director of Internet Marketing Company. CONTACT: Company Name: Internet Marketing CompanyPerson for contact Name: Gurgu CPhone Number: (818) 359-3898Email: [email protected]: https://compare-autoinsurance.Org/ SOURCE: Compare-autoinsurance.Org View source version on accesswire.Com:https://www.Accesswire.Com/595055/What-Are-The-Main-Benefits-Of-Comparing-Car-Insurance-Quotes-Online View photos