The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has taken significant action against entities linked to cyber activities targeting U.S. national security. The latest round of sanctions is aimed at Yin Kecheng, a cyber actor based in Shanghai, and Sichuan Juxinhe Network Technology Co., LTD., a cybersecurity company associated with the Salt Typhoon hacker group. These sanctions form part of the U.S. government’s ongoing efforts to address the increasing threat posed by cyber actors affiliated with the People’s Republic of China (PRC).
Yin Kecheng has been identified as a key player in the breach of the Department of the Treasury’s Departmental Offices network. This breach is part of a larger pattern of malicious cyber activity originating from China and targeting U.S. government systems. OFAC has revealed that Yin has been engaged in cyber espionage for over a decade and has ties to China’s Ministry of State Security (MSS). The sanctions against Yin Kecheng are based on Executive Order (E.O.) 13694, which focuses on individuals and entities involved in cybercrimes that threaten U.S. national security, foreign policy, or economic interests.
Adewale O. Adeyemo, the Deputy Secretary of the Treasury, underscored the department’s commitment to holding cyber actors accountable for their actions. He emphasized that the Treasury Department will continue to leverage its authorities to address malicious cyber activities targeting the American people, U.S. companies, and the government.
The sanctions against Sichuan Juxinhe Network Technology Co., LTD. are related to its involvement in the cyber operations of the Salt Typhoon group. Salt Typhoon has a history of breaching U.S. telecommunication and internet service provider networks, with recent attacks targeting major companies in these sectors. The activities of Salt Typhoon underscore the ongoing threat posed by Chinese cyber operations against critical U.S. infrastructure.
The U.S. Treasury’s actions against Yin Kecheng and Sichuan Juxinhe are part of a broader strategy to counter reckless cyber activities linked to China. Previous sanctions in 2024 targeted entities like Sichuan Silence Information Technology Company, Ltd. and Wuhan Xiaoruizhi Science and Technology Company, Ltd., further highlighting the government’s determination to protect its cyber infrastructure. The Office of the Director of National Intelligence’s Annual Threat Assessment has identified Chinese cyber actors, particularly those associated with the MSS, as persistent threats to U.S. national security.
In conclusion, the U.S. Department of State is offering a reward of up to $10 million for information leading to the identification of individuals involved in malicious cyber activities targeting U.S. critical infrastructure. The Treasury Department’s sanctions against Yin Kecheng, Sichuan Juxinhe, and their connections to the Salt Typhoon hacker group demonstrate the government’s seriousness in addressing cybersecurity threats. These measures emphasize the importance of international cooperation in addressing the growing challenges to national security posed by foreign cyber threats.