On December 10, the United States imposed sanctions on a Chinese cybersecurity firm due to a serious cyberattack that U.S. Treasury officials believe could have endangered lives. The Treasury announced that Sichuan Silence Information Technology Company, located in Chengdu, and one of its employees, Guan Tianfeng, installed harmful software on over 80,000 firewalls used by thousands of businesses worldwide in April 2020. This software not only stole information but also deployed ransomware, which can disrupt business operations by locking up data.
The announcement highlighted that three dozen of these firewalls protected critical infrastructure companies, and if the attack had not been stopped, it might have resulted in significant injuries or fatalities. Notably, an energy firm targeted during this attack was actively drilling at the time. If the attack had gone unchallenged, it could have led to problems with oil rigs. Guan has also been accused of conspiracy to commit computer and wire fraud, according to a Department of Justice indictment released on the same day. The FBI is offering a reward of $10 million for information about him, his company, or their alleged hacking activities.
Sichuan Silence did not reply to an email, and Reuters was unable to find contact details for Guan, who is also known as “gxiaomao” online. The company has faced accusations of being involved in harmful online activities. In 2021, Meta Platforms, which owns Facebook and Instagram, claimed
Sichuan Silence was part of a campaign that spread false information about a fake biologist alleging U.S. interference in finding the origins of COVID-19. China usually denies involvement in hacking or other harmful cyber actions. Ross McKerchar, the chief information security officer at Sophos, a UK company whose routers were attacked, stated that the hackers displayed “relentless determination.”