Treasury Dept. Sanctions Chinese Tech Vendor for Complicity

The US Department of Treasury has sanctioned China-based cybersecurity company Integrity Technology Group Inc. for its role in computer-intrusion incidents against US victims attributed to Chinese state-sponsored Flax Typhoon. The malicious actor has been active since at least 2021 and has targeted organizations in US critical infrastructure sectors.

In tandem, the Treasury Department earlier this week alerted lawmakers of a breach in its own systems through third-party cybersecurity vendor BeyondTrust, allowing Chinese state-backed threat actors to steal data from workstations.

And previously, Salt Typhoon, another Chinese APT, targeted T-Mobile USA in its widescale cyber-espionage operation, aiming to steal sensitive information from a variety of telecommunications companies.

"The Treasury Department will not hesitate to hold malicious cyber actors and their enablers accountable for their actions," Acting Under Secretary of the Treasury for Terrorism and Financial Intelligence Bradley T. Smith, said in a statement. "The United States will use all available tools to disrupt these threats as we continue working collaboratively to harden public and private sector cyber defenses."