CyberSecurity SEE

Chinese Hacker Exploits Zero-Day to Compromise 81K Sophos Devices

The US government recently unveiled charges against a Chinese national accused of hacking into approximately 81,000 Sophos firewall devices worldwide in 2020. Guan Tianfeng, also known as gbigmao and gxiaomao, faces charges of conspiracy to commit computer fraud and conspiracy to commit wire fraud. Additionally, Tianfeng is alleged to have developed and tested a zero-day security vulnerability, CVE-2020-12271, a critical SQL injection flaw with a CVSS score of 9.8 that could enable remote code execution.

A federal arrest warrant has been issued for Tianfeng in the US District Court, Northern District of Indiana, Hammond Division, as authorities believe he is currently residing in Sichuan Province, China. The US Department of State’s Rewards for Justice Program is offering a reward of up to $10 million for information on Tianfeng, his activities, and the offices he worked out of at Sichuan Silence Technology Company Ltd., along with any associates involved in malicious cyber activity.

“The defendant and his collaborators compromised tens of thousands of firewalls, putting at risk vital computer systems in the United States and globally,” remarked Assistant Attorney General for National Security Matthew Olsen in a press release. “The Department of Justice is committed to holding accountable those who contribute to the dangerous network of China-based entities that engage in widespread hacking activities on behalf of their patrons, undermining global cybersecurity.”

Citizens with tips or information on Tianfeng can contact the FBI through various channels such as WhatsApp, Signal, Telegram, or tips.fbi.gov. Such collaboration between law enforcement agencies and the public is crucial in combating cyber threats and safeguarding critical infrastructure. The case serves as a reminder of the ongoing challenges posed by cybercriminals and underscores the importance of international cooperation to address such threats effectively.

Cybersecurity experts emphasize the need for organizations to prioritize the security of their systems and regularly update their defenses to thwart potential breaches. Sophos, the target of the attack in this case, has likely enhanced its security measures to prevent similar incidents in the future. However, the evolving nature of cyber threats necessitates continuous vigilance and proactive measures to mitigate risks effectively.

The indictment of Guan Tianfeng sheds light on the persistent threat posed by malicious actors seeking to exploit vulnerabilities for personal gain or malicious intent. It underscores the critical role of law enforcement agencies in investigating and prosecuting such crimes to deter future attacks and protect individuals and businesses from cyber threats. By raising awareness about cybersecurity risks and encouraging collaboration among stakeholders, the global community can work together to enhance resilience against cyber attacks and ensure a secure digital environment for all.
