Technology

US sanctions Chinese firm over potentially deadly ransomware attack

By Raphael Satter
FILE PHOTO: Figurines with computers and smartphones are seen in front of the words "Cyber Attack" in this illustration taken, February 19, 2024. REUTERS/Dado Ruvic/Illustration/File Photo

WASHINGTON (Reuters) -The United States sanctioned a Chinese cybersecurity company over an ambitious cyberattack that U.S. Treasury officials say could have killed people.

The Treasury said in a statement on Tuesday that the Chengdu-based Sichuan Silence Information Technology Company and one of its employees, Guan Tianfeng, deployed malicious software to more than 80,000 firewalls run by thousands of companies worldwide in April 2020.

The malicious software not only stole data, but it was used to deploy ransomware, which paralyzes corporate networks by encrypting data. The statement said three dozen firewalls were protecting the systems of critical infrastructure companies and that, had the hacking not been thwarted or mitigated, the potential impact "could have resulted in serious injury or loss of human life."

In particular, the statement said that an energy company targeted in Sichuan Silence's hacking campaign was "actively involved in drilling" during the attack. Had the hacking not been thwarted, the statement said, "it could have caused oil rigs to malfunction."

Guan was separately charged with conspiracy to commit computer and wire fraud, according to a Department of Justice indictment made public on Tuesday. The FBI is offering $10 million for information about the 30-year-old, his company, or their alleged hacking activities.

Sichuan Silence did not immediately respond to an email and Reuters could not immediately locate contact information for Guan, who also goes by "gxiaomao" online.

Sichuan Silence has previously been accused of involvement in malicious digital activity. In 2021 Facebook and Instagram's parent company, Meta Platforms, alleged that the firm was linked to an online influence campaign that promoted claims of a phony biologist who said the United States was interfering in the search for the origins of COVID-19.

Beijing routinely denies being a party to hacking and other malicious cyber activity.

Ross McKerchar, the chief information security officer of the UK-based firm Sophos, whose routers were among those targeted in the cyberattack, said in a statement that the hackers had shown "relentless determination."

In a past report on the activity, Sophos said the hacks demonstrated "a level of commitment to malicious activity we have rarely seen in the nearly 40 years of Sophos' existence as a company."

(Reporting by Raphael Satter and Rami Ayyub in Washington. Additional reporting by James Pearson in London.Editing by Caitlin Webber and Matthew Lewis)

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Next In Tech News
The thrill of climbing from the comfort of your couch
A word to the wise: Don’t trust AI to file your taxes
How ‘Pok�mon’ and ‘Resident Evil’ rewrote gaming history
AI chatbots want your health records. Tread carefully.
Exclusive-Meta planning sweeping layoffs as AI costs mount
Digg cuts jobs after facing AI bot surge
Apple MacBook Neo emerges as company’s most repairable laptop in more than a decade
US Commerce Department withdraws planned rule on AI chip exports, government website shows
Trump administration set to receive $10 billion fee for brokering TikTok deal, WSJ reports
Europe takes first step to banning AI-generated child sexual abuse images

Trending in Tech

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.