Key Points
- The U.S. sanctioned Sichuan Silence and employee Guan Tianfeng for cyberattacks.
- The malware targeted 80,000 firewalls globally, including critical infrastructure.
- The attack threatened oil rig operations, risking potential loss of life. Ransomware was deployed to encrypt and paralyze networks.
- Sichuan Silence was previously linked to misinformation campaigns by Meta. Beijing denies any involvement in hacking or malicious cyber activities.
The United States has sanctioned Chengdu-based Sichuan Silence Information Technology Company and one of its employees, Guan Tianfeng, for their alleged role in a cyberattack that U.S. Treasury officials say threatened human lives. According to a statement released Tuesday, the company deployed malicious software in April 2020 that targeted over 80,000 firewalls used by thousands of organizations globally.
The malware was designed not only to steal sensitive data but also to deploy ransomware, which encrypts data and cripples corporate networks. Alarmingly, the U.S. Treasury noted that some compromised firewalls protected critical infrastructure, including an energy company actively involved in drilling operations. If left unmitigated, the attack could have caused oil rigs to malfunction, leading to potential injuries or loss of life.
The Treasury highlighted that three dozen affected firewalls were integral to critical infrastructure systems. Although details of the specific incident remain scarce, the attack was ultimately thwarted or mitigated, preventing catastrophic outcomes.
This isn’t the first time Sichuan Silence has been accused of malicious cyber activity. In 2021, Meta Platforms linked the firm to an online influence campaign that involved false claims about U.S. interference in investigating the origins of COVID-19. Despite these allegations, Beijing has consistently denied involvement in hacking or other cyberattacks.
The sanctions underscore growing cybersecurity tensions between the U.S. and China. The Treasury’s statement warns of the potential human costs of cyberattacks, especially those targeting critical systems, marking this incident as a serious escalation in global cybersecurity threats.