US acts against China-linked cyber actors
For US Treasury hack and ‘Salt Typhoon’
The United States has announced sanctions against two entities linked to malicious cyber activities from China. The individuals and organisations targeted are accused of serious cyber intrusions affecting US government networks and critical infrastructure, including the recent hack of the US Department of Treasury.
The US Department of the Treasury has sanctioned Yin Kecheng, a Shanghai-based cyber actor with ties to China’s Ministry of State Security. Yin Kecheng is believed to be behind the compromise of the Treasury’s network, marking a significant breach in US cybersecurity.
Additionally, sanctions have been imposed on Sichuan Juxinhe Network Technology, a cybersecurity firm from Sichuan that is directly involved in the ongoing ‘Salt Typhoon cyber espionage campaign.
The Salt Typhoon activities have targeted US telecommunications and internet service providers, compromising numerous systems as part of a broader espionage operation. The campaign is part of a worrying pattern of persistent cyber threats from China-linked actors, which the State Department said in a statement. These threats pose an ongoing risk to national and international security.
A US State Department spokesperson underscored the severity of the threat posed by China-based hackers, highlighting their frequent and aggressive targeting of US systems and critical infrastructure. The spokesperson also pointed out the global implications of these attacks, stressing the importance of sharing intelligence with other nations to bolster collective cybersecurity efforts.
The US State Department has launched a reward initiative to combat these threats further. The Rewards for Justice (RFJ) programme offers up to $10 million for information leading to identifying or locating individuals responsible for engaging in malicious cyber activities against US critical infrastructure, as defined by the Computer Fraud and Abuse Act.
This move signals the United States’ resolve to take a firm stand against cyber threats, using sanctions and intelligence sharing to counteract China-linked activities. The US State Department noted that the US will continue to use all available measures to defend its interests and allies from cyber aggression, ensuring critical infrastructure protection and national security.
Image: The US is offering up to $10 million for information leading to identifying or locating individuals responsible for engaging in malicious cyber activities against US critical infrastructure. Credit: Towfiqu Barbhuiya
