The United States Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced on Tuesday it imposed sanctions against a Chinese technology company over its involvement in a cybersecurity breach that affected "critical" infrastructure companies in the US in April 2020.
The sanctions targeted Sichuan Silence Information Technology Company Ltd. based in China and one of its employees Guan Tianfeng. OFAC stated that Sichuan Silence and Guan identified an exploit in a firewall product and used it to install malware on 81,000 firewalls belonging to businesses worldwide, including 23,000 in the US, 36 of which protected "critical infrastructure companies’ systems." The OFAC noted that "significant loss in human life" was prevented only because the victims had managed to identify the problem on time and patch their systems.
The US said it would continue to expose and counter malicious cyber activity directed against its citizens.