The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has announced sanctions against a Chinese cybersecurity company and an individual linked to the Salt Typhoon group. The sanctions are in response to their involvement in a breach of U.S. Treasury systems and other cyber espionage activities. The incident, which came to light earlier in January 2025, involved cyber actors affiliated with China’s Ministry of State Security (MSS), targeting sensitive U.S. government IT systems and critical infrastructure. The breach resulted in the theft of over 3,000 files, including highly sensitive data such as policy documents, travel information, and law enforcement materials.
The breach was attributed to the Salt Typhoon group, which is known for its extensive cyber espionage activities targeting U.S. agencies and private sector entities. The group gained access to the Treasury’s systems through a compromised Remote Support SaaS API key, exploiting vulnerabilities linked to Microsoft’s ProxyLogon flaws. The cyber actors targeted key government officials’ computers, including those used by Treasury Secretary Janet Yellen and other high-ranking officials, further compromising sensitive materials related to U.S. foreign policy and national security. The Treasury Department’s announcement marks the latest action in its efforts to counter foreign state-sponsored cyber threats.
In addition to the sanctions on the individuals and the company involved, the U.S. government has also taken steps to address the broader implications of these cyber attacks on U.S. telecommunications providers. Sichuan Juxinhe Network Technology Co., LTD., a Chinese cybersecurity firm, was also sanctioned for its involvement in cyber attacks on major U.S. telecom companies like AT&T, Verizon, and T-Mobile. The sanctions highlight the ongoing risk posed by China-linked threat actors targeting critical U.S. infrastructure, including both private and public sector systems.
To further address the threat, the Department of State’s Rewards for Justice program has announced a reward of up to $10 million for information leading to the identification of individuals behind these cyber attacks. Additionally, the Federal Communications Commission (FCC) has issued new rules requiring U.S. telecom companies to bolster their cybersecurity measures. The FCC’s actions are aimed at preventing unlawful access to communications and reducing the risk of future cyber espionage. This latest round of sanctions and initiatives underscores the growing concern over China’s cyber capabilities, with experts describing them as one of the most significant threats to U.S. national security.
Reference: