By Anthony Marcus, correspondent. Eurasia Business News, January 5, 2024. Article n°1363.
On January 3 the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) added to its sanctions list Integrity Technology Group, Incorporated (Integrity Tech), a Beijing-based cybersecurity company, for its role in multiple computer intrusion incidents against U.S. victims.
These incidents have been publicly attributed to Flax Typhoon, a Chinese malicious state-sponsored cyber group that has been active since at least 2021, often targeting organizations within U.S. critical infrastructure sectors.
Background on Flax Typhoon
Flax Typhoon has been active since at least 2021 and is recognized for its persistent attacks on organizations within critical infrastructure sectors in the U.S. and beyond. The group exploits publicly known vulnerabilities to gain access to victims’ networks and utilizes legitimate remote access software to maintain control over compromised systems.
Between the summer of 2022 and fall 2023, Flax Typhoon utilized infrastructure associated with Integrity Tech for its cyber operations, routinely exchanging information through this support.
On September 18, 2024, the Federal Bureau of Investigation, in coordination with the Cyber National Mission Force, National Security Agency, and Five Eye partners, published a joint cybersecurity advisory, that highlights the tactics, techniques, and procedures of Flax Typhoon, as well as Integrity Tech’s role in supporting its malicious cyber activities.
Details of the Sanctions
The sanctions block all assets of Integrity Tech that are located in the U.S. or controlled by U.S. persons. This includes any entities that are more than 50% owned by Integrity Tech. The Treasury Department emphasized that Chinese malicious cyber actors represent a significant threat to U.S. national security, with a commitment to holding accountable those who facilitate such activities.
Implications
These sanctions follow a broader context of heightened scrutiny and actions against Chinese cyber activities, particularly after the joint operation in September 2024 that dismantled a botnet linked to Flax Typhoon, which had compromised over 260,000 devices globally. The U.S. government continues to collaborate with international partners to enhance cybersecurity measures and disrupt malicious cyber operations originating from state-sponsored groups like Flax Typhoon.
Start investing in Bitcoin using Coinbase
Our community already has nearly 145,000 readers!
Subscribe to our Telegram channel
Follow us on Telegram, Facebook and Twitter
© Copyright 2024 – Eurasia Business News. Article no. 1362.
Eurasia Business News 