The Treasury Department imposed sanctions on a Beijing-based cybersecurity company on Friday, attributing its actions to the company's assistance in enabling Chinese hackers to infiltrate U.S. communications systems and conduct surveillance on four continents.
In the announcement, the department stated that Integrity Technology Group supported a Chinese state-sponsored hacking group known as Flax Typhoon in a campaign to breach foreign networks between the summer of 2022 and 2023. The department noted that the group "routinely sent and received information from Integrity Tech infrastructure."
This action follows the revelation by the Treasury Department earlier this week to lawmakers about a breach by a Chinese intelligence agency, which appeared to be an espionage operation that accessed the workstations of government employees and unclassified documents.
A spokesman for the department did not clarify whether Flax Typhoon was involved in the attack on the Treasury Department’s systems or if the sanctions were part of a broader initiative to disrupt China's cyber capabilities.
The sanctions also come after the disclosure last year of a more severe incident in which a group linked to Chinese intelligence, known as Salt Typhoon, hacked U.S. telecommunications networks, targeting the communications of several high-profile political figures, including President-elect Donald J. Trump.
Similar to Salt Typhoon, Flax Typhoon is among a few groups that Microsoft has publicly associated with Chinese intelligence, responsible for various state-sponsored cyberattacks. Active since 2021, Flax Typhoon appears to focus primarily on targets in Taiwan and the United States, according to the Congressional Research Service.
Acting Under Secretary of the Treasury, Bradley T. Smith, stated, "The Treasury Department will not hesitate to hold malicious cyberactors and their enablers accountable for their actions. The United States will use all available tools to disrupt these threats as we continue working collaboratively to harden public and private sector cyber defenses."
In September, the F.B.I. reported it had dismantled a network of 200,000 consumer devices in the United States and abroad that had been infected with malware and exploited by Flax Typhoon.
The sanctions prohibit financial institutions and individuals from engaging in transactions with Integrity Technology Group and freeze any of its assets within the United States.
It remains unclear what the breach of the Treasury Department may have accomplished, but the agency is considered an appealing target for state-sponsored hackers due to its Office of Foreign Assets Control, which oversees sanctions and evaluates national security threats posed by individuals.