The U.S. Treasury Department announced sanctions Friday against a Chinese cybersecurity company and an individual hacker following major breaches of government and telecommunications networks.
The sanctions target Sichuan Juxinhe Network Technology Co. and Shanghai-based cyber operator Yin Kecheng. Officials say Kecheng, affiliated with China's Ministry of State Security, was involved in a December cyberattack that compromised Treasury Department workstations.
The breach occurred when hackers, identified as the Silk Typhoon group, exploited a stolen security key from software provider BeyondTrust to gain remote access to Treasury systems, including its sanctions office.
Sichuan Juxinhe faces penalties for its connections to Salt Typhoon, a Chinese state-backed group responsible for what officials call the largest telecommunications hack in U.S. history. The group infiltrated nine major U.S. telecom and internet providers, including AT&T and Verizon, potentially accessing private communications of senior government officials and political figures.
"We will hold accountable malicious cyber actors who target the American people, our companies, and the United States government," said Deputy Treasury Secretary Adewale Adeyemo.
The sanctions block both Kecheng and Sichuan Juxinhe from conducting business transactions in the United States. This action follows recent Treasury measures against other Chinese firms, including Integrity Technology Group, for ties to state-sponsored hacking activities.
The U.S. State Department maintains a $10 million reward for information about cyber actors targeting critical infrastructure under foreign government direction. Chinese officials have consistently denied involvement in these hacking incidents.