The Beijing-based cybersecurity company Integrity Technology Group (Integrity Tech) has been sanctioned by the U.S. Treasury Department for allegedly participating in cyberattacks against vital U.S. infrastructure. This decision, which was made public on January 3, 2025, comes after it was discovered that Integrity Tech had provided support to Flax Typhoon, a Chinese hacker collective that has been active since at least 2021 and is connected to state-sponsored cyber operations that target a variety of industries, including telecommunications and the government.
As part of a larger strategy to counter persistent cybersecurity threats from Chinese actors, which have been identified as one of the most significant risks to U.S. national security, Integrity Tech is accused of facilitating multiple computer intrusion incidents against U.S. victims by providing infrastructure that allowed Flax Typhoon to infiltrate networks and conduct surveillance across four continents. According to the Treasury’s statement, the hacking group used Integrity Tech’s systems to transmit and receive data during these operations. The announcement follows revelations that Chinese hackers had breached the Treasury’s own systems, accessing unclassified information through vulnerabilities in third-party systems.
Acting Under Secretary of the Treasury for Terrorism and Financial Intelligence Bradley T. Smith stressed that the department would continue to work to improve cyber defenses in the public and commercial sectors and hold bad actors responsible.
The U.S. government’s rising concern about Chinese cyber actors’ actions and their effects on national security is reflected in these sanctions, which also show a dedication to protecting vital infrastructure from outside threats.
