The US government on Monday announced a fresh round of sanctions against a pair of Chinese hackers it says are responsible for “malicious cyber operations targeting U.S. entities that operate within U.S. critical infrastructure sectors.”
The Department of the Treasury’s Office of Foreign Assets Control (OFAC) said the sanctions also extend to a Wuhan, China-based technology company serving as a front for multiple malicious cyber operations.
In tandem, the US Department of Justice unsealed an indictment against 7 Chinese nationals, including the sanctioned Zhao Guangzong and Ni Gaobin, and announced that its allies in the UK and the Commonwealth and Development Office had implemented matching sanctions.
The government said the hackers are linked to APT31, a nation state-backed hacking team caught infiltrating critical infrastructure installations in Eastern Europe and breaking into routers in France.
The Department of the Treasury notes that APT 31 is a collection of Chinese state-sponsored intelligence officers, contract hackers, and support staff that conduct malicious cyber operations on behalf of the Hubei State Security Department (HSSD).
It said APT 31 has targeted a wide range of high-ranking U.S. government officials and their advisors integral to U.S. national security, including staff at the White House; the Departments of Justice, Commerce, the Treasury, and State; and even members of Congress.
The sanctions come as APT31 has been linked to malicious attacks against some of America’s most vital critical infrastructure sectors, including the Defense Industrial Base, information technology, and energy sectors.
“APT 31 actors have gained unauthorized access to multiple Defense Industrial Base victims, including a defense contractor that manufactured flight simulators for the U.S. military, a Tennessee-based aerospace and defense contractor, and an Alabama-based aerospace and defense research corporation,” the US government said.
The front company, identified as Wuhan XRZ, has been used to surreptitiously carry out cyber operations that result in the surveillance of U.S. and foreign politicians, foreign policy experts, academics, journalists, and pro-democracy activists.
Source: securityweek.com