Excerpt from VOA Article, Published on Dec 10, 2024.
The United States has imposed sanctions on a Chinese cybersecurity company, Sichuan Silence Information Technology Company, and one of its employees, Guan Tianfeng, accusing them of carrying out a major cyberattack in 2020 that compromised over 80,000 firewalls worldwide. The U.S. Treasury Department announced the sanctions on Tuesday, labeling the firm’s activities as malicious and a significant threat to global cybersecurity.
The attack, which occurred in April 2020, targeted firewall products in businesses and critical infrastructure systems around the world, including within the United States. Over a span of three days, Guan Tianfeng allegedly exploited a vulnerability in a widely used firewall product, deploying malware to steal sensitive information, such as usernames and passwords. According to the Treasury Department, the attack also sought to install ransomware on compromised systems, significantly heightening its impact.
Approximately 23,000 firewalls within the United States were affected, including 36 firewalls protecting critical infrastructure companies’ systems. The attack underscores the vulnerability of essential digital systems to increasingly sophisticated cyber threats.
“Today’s action underscores our commitment to exposing these malicious cyber activities and holding the actors behind them accountable for their schemes,” said Bradley Smith, Acting Undersecretary for Terrorism and Financial Intelligence at the U.S. Treasury Department. He affirmed that the Treasury will continue to use its tools to disrupt cyber threats targeting critical infrastructure.
In addition to sanctions, the U.S. Department of Justice has unsealed an indictment against Guan Tianfeng and announced a reward of up to $10 million for information about him or the company.
The sanctions and indictment reflect the U.S. government’s intensified efforts to address the rising wave of cyberattacks targeting sensitive industries, businesses, and critical infrastructure globally. These measures are part of a broader strategy to deter malicious cyber actors and reinforce global cybersecurity defenses.
To delve deeper into this topic, please read the full article VOA.
