1 of 2 | The U.S. Treasury Department on Friday slapped a Chinese company and a man affiliated with China’s Ministry of State Security with sanctions for their roles in cyber attacks in December. File Photo by Roger L. Wollenberg/UPI
Jan. 17 (UPI) — American officials on Friday slapped a Chinese company and a man affiliated with China’s Ministry of State Security with sanctions for their roles in cyber attacks in December. Both Yin Kecheng and Sichuan Juxinhe Network Technology are deemed threats to U.S. national security, the Treasury Department said in a statement detailing the sanctions.
Sichuan Juxinhe was sanctioned for its alleged involvement in the December cyber attacks targeting U.S. telecommunications firms.
Officials say the Sichuan-based cybersecurity company had “direct involvement” with the Chinese hacking group Salt Typhoon, which accessed the personal information of millions of Americans during the cyber attacks.
Based in Shanghai, Yin was sanctioned for his role in cyber attacks targeting the Treasury Department itself. In late December, authorities revealed hackers had infiltrated the department in what was deemed a “major cybersecurity incident,” earlier in the month.
Yin has allegedly been working with China’s Ministry of State Security as a malicious cyber actor for over a decade.
American authorities contend Sichuan Juxinhe Network Technology also maintains close ties to the Ministry of State Security.
The Salt Typhoon hacker group has been active since 2019, according to U.S. officials and the latest attack is under investigation by the FBI.
Friday’s sanctions through the Treasury Department’s Office of Foreign Asset Control freeze “all property and interests in property” controlled by Yin or Sichuan Juxinhe Network.
“The Treasury Department will continue to use its authorities to hold accountable malicious cyber actors who target the American people, our companies, and the United States government, including those who have targeted the Treasury Department specifically,” Deputy Secretary of the Treasury Adewale Adeyemo said in the department’s statement.
The U.S. State Department also announced Friday it is offering up to $10 million through its Rewards for Justice program for information “leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, engages in certain malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act.”