Posted: 10:20 AM PST · December 10, 2024
Carly Page
US Sanctions Chinese Cybersecurity Firm for Firewall Hacks Targeting Critical Infrastructure
The United States has imposed sanctions on a Chinese cybersecurity company and one of its employees for exploiting a zero-day vulnerability in Sophos firewalls to target U.S. organizations.
Background
On Tuesday, the U.S. Treasury Department announced that Guan Tianfeng, an employee of Sichuan Silence, used the vulnerability to compromise approximately 81,000 firewalls in April 2020. The hacking campaign, detailed by Sophos in November, led to the compromise of more than 23,000 firewalls in the U.S., dozens of which were used at a government agency and critical infrastructure companies.
Impact
One of these compromised organizations was an energy company involved in drilling operations. The Treasury noted that the incident could have caused "significant loss in human life" if the attack had been successful. The purpose of the exploit was to use the compromised firewalls to steal data, but Guan also attempted to infect the victims’ systems with the Ragnarok ransomware variant.
Details of the Hacking Campaign
The hacking campaign was carried out by exploiting a zero-day vulnerability in Sophos firewalls, which allowed the attackers to gain unauthorized access to the affected systems. The compromise was first reported by Sophos in November, but the full extent of the damage was not known until now.
U.S. Government Response
The U.S. government has taken swift action in response to this incident, imposing sanctions on Guan Tianfeng and Sichuan Silence. This move is part of a broader effort by the U.S. government to combat cyber threats from China and other nations.
Ransomware and Cybersecurity Threats
The Ragnarok ransomware variant used in this attack is just one example of the many types of malware that are being used by hackers to extort money from organizations. Ransomware attacks have become increasingly common in recent years, with victims including hospitals, schools, and other critical infrastructure.
Impact on Critical Infrastructure
The compromise of firewalls at an energy company involved in drilling operations highlights the vulnerability of critical infrastructure to cyber threats. The potential consequences of a successful attack on such systems could be catastrophic, leading to significant loss of life and property damage.
U.S. Government Priorities
The U.S. government has made it clear that combating cyber threats from China is a top priority. In addition to imposing sanctions on Guan Tianfeng and Sichuan Silence, the U.S. government is also working to improve cybersecurity protections for critical infrastructure and to increase international cooperation on cyber issues.