The United States Department of the Treasury has sanctioned individuals connected to the Salt Typhoon hacking group.
One of the individuals in question, Yin Kecheng, is reported to be a notable cyber actor who is connected to the perpetrators of the compromise of Treasury systems and infrastructure last year.
The Department of the Treasury’s Office of Foreign Assets Control (OFAC) has led the sanctions on Kecheng and also sanctioned Sichuan Juxinhe Network Technology Co., LTD.
The company, based in Sichuan, is allegedly linked to the Salt Typhoon cyber group, which took responsibility for damaging and destroying the network infrastructure of multiple major U.S. telecommunication companies.
The Treasury stated in a recent report that the company “had direct involvement in the exploitation of these U.S. telecommunication and internet service provider companies.”
These sanctions block Kecheng and Sichuan Juxinhe Network Technology Co., LTD’s U.S.-based property and interests.
OFAC cracks down on those connected to Salt Typhoon cyber group
Kecheng has been a person of interest to those in the U.S. government’s cybersecurity arenas, stating that he has been “a cyber actor for over a decade and is affiliated with the People’s Republic of China Ministry of State Security (MSS). Yin Kecheng was associated with the recent compromise of the Department of the Treasury’s Departmental Offices network.”
Adewale O. Adeyemo, the Deputy Secretary of the Treasury, was blunt in his statement on the OFAC action: “The Treasury Department will continue to use its authorities to hold accountable malicious cyber actors who target the American people, our companies, and the United States government, including those who have targeted the Treasury Department specifically.”
Adeyemo and OFAC are on high alert in light of the People’s Republic of China-linked (PRC) malicious cyber actors that continue to target U.S. government systems. The Treasury’s information technology (IT) systems, as well as sensitive U.S. critical infrastructure, have been targeted multiple times across 2023 and 2024, leaving some services crippled and compromised.
“Chinese state-backed cyber actors continue to present some of the greatest and most persistent threats to U.S. national security,” said the Office of the Director of National Intelligence Annual Threat Assessment.
Featured Image Credit: Photo by Markus Spiske; Pexels.
