The United States has announced sanctions against Integrity Technology Group, Incorporated (Integrity Tech), a cybersecurity company based in Beijing. The company is linked to the People's Republic of China (PRC) Ministry of State Security and is accused of involvement in several computer intrusion incidents targeting U.S. entities.
Integrity Tech is recognized as a significant contractor for the PRC government, providing services to state security and public security bureaus, among other government contractors within China's cybersecurity sector. Hackers associated with Integrity Tech, known as "Flax Typhoon," have been identified by the private sector as working under the direction of the PRC government. Their targets reportedly include critical infrastructure in both the United States and abroad. "Flax Typhoon" has successfully infiltrated various U.S. and foreign corporations, universities, government agencies, telecommunications providers, and media organizations.
In a recent development on September 18, the Department of Justice revealed an operation authorized by the court to dismantle a botnet involving over 200,000 consumer devices compromised by Integrity Tech across the globe. In collaboration with Five Eyes partners, the U.S. issued a public cybersecurity advisory detailing tactics used by PRC-linked cyber actors and provided technical guidance for network defenders to address these threats.
These actions underscore a comprehensive governmental strategy aimed at safeguarding American citizens and critical systems from cyber threats originating from China. The U.S. emphasizes its commitment to utilizing all available resources to protect national infrastructure and people from irresponsible cyber activities.
The sanctions imposed by the Department of Treasury were enacted under Executive Order 13694, as amended. Additional details can be found in press releases from DOJ and Treasury as well as in the cybersecurity advisory.
