1. Haberler
  2. News
  3. US sanctions China cyber firm for potentially deadly ransomware attack | Cybercrime News

US sanctions China cyber firm for potentially deadly ransomware attack | Cybercrime News

featured


Bu içerikte, ABD Hazine Departmanı’nın açıklamasına göre ABD’de hedeflenen bazı güvenlik duvarları kritik altyapı şirketlerini koruyordu. Çin merkezli bir güvenlik şirketi ve bir araştırmacısının 2020’de gerçekleştirdiği bir Siber saldırı sonucunda ABD tarafından yaptırımlara maruz kaldığı belirtiliyor. Sichuan Silence Bilgi Teknolojisi Şirketi çalışanı Guan Tianfeng’in, 2020 Nisan ayında dünya genelinde binlerce şirketin kullandığı 81.000 güvenlik duvarına zararlı yazılım yerleştirdiği ve bunların içinde 23.000’inin ABD’de olduğu ifade ediliyor. ABD Adalet Bakanlığı da Guan hakkında bir suçlamayı açıkladı ve ABD Dışişleri Bakanlığı da Sichuan Silence veya Guan hakkında bilgi sağlayan kişiye 10 milyon dolar ödül vereceğini duyurdu. Sichuan Silence, merkezi Çin’in ortasındaki Chengdu şehrinde bulunan bir hükümet yüklenicisi olarak Çin hükümeti istihbarat servislerinin ana müşterilerinin olduğu belirtiliyor. Sichuan Silence’in daha önce de siber saldırılara karıştığına dair iddialar bulunuyor. Ayrıca, ABD’de son dönemde Çin ile bağlantılı birçok siber casusluk iddiası ortaya atıldığı belirtiliyor. Son olarak, Sichuan Silence ile ilgili vakada, zararlı yazılımın veri çalmak ve fidye yazılımı dağıtmak amacıyla tasarlandığı ve kritik altyapı şirketlerinin sistemlerini koruyan 36 güvenlik duvarının hedeflendiği ifade ediliyor. Bu saldırının ciddi insan kaybına neden olabileceği vurgulanıyor. Yaptırımların, Sichuan Silence ve Guan’ın ABD’deki varlıklarını bloke ettiği ve genellikle ABD bankalarının, şirketlerinin veya bireylerinin onlarla iş yapmasını yasakladığı belirtiliyor.
[ad 1]

#sanctions #China #cyber #firm #potentially #deadly #ransomware #attack #Cybercrime #News

Kaynak: www.aljazeera.com

Some firewalls targeted in the US were protecting critical infrastructure companies, the US Treasury Department says.

A Chinese cybersecurity company and one of its researchers have been sanctioned by the United States over a 2020 cyberattack that sought to exploit a computer software vulnerability in company firewalls, potentially resulting in deaths from system malfunctions, the US Treasury Department has announced.

Guan Tianfeng, an employee of Sichuan Silence Information Technology Company, deployed malicious software to 81,000 firewalls run by thousands of companies worldwide in April 2020, including 23,000 in the US, the Treasury Department said in a statement on Tuesday.

The US Department of Justice also unsealed an indictment on Guan on Tuesday for his role in the cyberattack. Additionally, the US Department of State is offering a $10m reward for information about Sichuan Silence or Guan.

Sichuan Silence is a cybersecurity government contractor located in the city of Chengdu in central China whose main clients are Chinese government intelligence services, the Treasury Department said.

“Sichuan Silence provides these clients with computer network exploitation, email monitoring, brute-force password cracking, and public sentiment suppression products and services,” it added.

Al Jazeera was not able to immediately contact a lawyer for Guan to seek comment.

The sanctions come on the heels of a series of alleged Chinese cyber espionage allegations in the US.

Last week, US officials accused Chinese hackers of stealing the metadata of a large number of Americans in a wide-ranging cyberespionage campaign that has targeted at least eight US telecom firms, as well as dozens of other countries.

In November, US authorities said they had uncovered “a broad and significant” campaign carried out by China-linked hackers, dubbed Salt Typhoon, that targeted multiple telecommunications companies aiming to steal information from Americans working in government and politics.

In September, the FBI also said it had uncovered a far-reaching Chinese hacking campaign named Flax Typhoon.

The Chinese government denies that it engages in hacking and other forms of cyberattacks.

Critical infrastructure targeted

In the latest case involving Sichuan Silence, the malware was allegedly designed to steal data, including usernames and passwords, as well as deploy ransomware that blocks access to victims’ computer networks using encryption when companies try to fix the attacks.

Of the 23,000 firewalls in the US, 36 were protecting the systems of critical infrastructure companies, the Treasury Department said. If any of the targets had failed to sufficiently protect their systems or quickly detect the ransomware attack, the potential impact “could have resulted in serious injury or the loss of human life”, it added.

One victim was a US energy company that was actively involved in drilling operations at the time of the compromise, potentially causing oil rigs to malfunction and “causing a significant loss in human life”.

The sanctions effectively block any assets of Sichuan Silence and Guan in the US, and usually ban US banks, companies or individuals from doing business with them.

Sichuan Silence has previously been accused of involvement in cyberattacks. In 2021, Meta Platforms, the parent company of Facebook and Instagram, alleged that the firm was linked to an online disinformation network spreading the claims of a fake Swiss biologist who alleged the US was meddling in efforts to find the origins of COVID-19.

US sanctions China cyber firm for potentially deadly ransomware attack | Cybercrime News
Yorum Yap

Yorumlar kapalı.