Image: © vaalaa /Stock.adobe.com
The UK, Canada, Australia and New Zealand have also accused the company of malicious cyber operations.
Tensions between US and China are crescendoing as the US government sanctions Beijing-based cybersecurity company Integrity Technology Group for its alleged role in several cyberattacks on US critical infrastructure sectors.
The sanctions, which follow numerous allegations of malicious cyber activity against the company from several nations, have blocked Integrity Technology’s properties in the US as well as any financial transactions involving the company in the country, with the US threatening sanctions over entities that provide the company with funds, goods or services.
In the announcement on 3 January, the US Department of Treasury’s Office of Foreign Assets Control (OFAC), which administers and enforces economic and trade sanctions in support of national security and foreign policy objectives, said that between 2022 and 2023, Flax Typhoon, an alleged state-sponsored Chinese cyber group unlawfully accessed several US and European entities using virtual private network software and remote desktop protocols.
The Office claimed that Flax Typhoon used infrastructure tied to Integrity Technology for its operations, including routinely sending and receiving information from the company.
As a result, the OFAC is claiming that Integrity Technology is responsible for, or complicit in cyber-enabled activities which pose “a significant threat” to the country’s national security, foreign policy, economic health or financial stability with intentions to compromise the country’s critical national infrastructure.
“The Treasury Department will not hesitate to hold malicious cyber actors and their enablers accountable for their actions,” said acting under secretary of the Treasury for Terrorism and Financial Intelligence Bradley T Smith.
“The United States will use all available tools to disrupt these threats as we continue working collaboratively to harden public and private sector cyber defences.”
In September 2024, the US Department of Justice announced that it disrupted a botnet attack on more than 200,000 consumer devices infected with malware by Flax Typhoon. The Justice Department claimed that Integrity Technology was controlling the devices, conducting malicious cyber activity disguised as normal internet traffic.
According to FBI director Christopher Wray, Integrity Technology Group, which posed as an IT firm, “collected intelligence and performed reconnaissance for Chinese government security agencies”.
Moreover, the UK, Canada, Australia and New Zealand, alongside the US, accused the company of malicious cyber operations, stating that it had compromised tens of thousands of devices worldwide.
Last month, it was announced that dozens of telecommunications providers in several countries were hit by an alleged hacking campaign led by Salt Typhoon, a well-known cybercrime group with Chinese ties. While in early 2024, an attack from Volt Typhoon, another alleged Chinese state-sponsored group targeting US critical infrastructure was disrupted.
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
