US offers $10 million reward for Chinese hackers

Separately, the Commerce Department sanctioned 8 other companies for human rights abuses in China, Russia and Myanmar.

WASHINGTON - The U.S. Treasury Department on Tuesday offered a $10 million reward for information about a Chinese company and employee it accuses of violating the firewalls of 80,000 computer networks worldwide, including for 36 items of “critical infrastructure” in America.

The Commerce Department separately announced human-rights related sanctions on two companies from China, two from Myanmar and four from Russia, which variously stand accused of links to the Myanmar military junta and to China’s repression of the Uyghurs.

State Department spokesperson Matthew Miller said that the Chinese company accused of hacking firewalls worldwide in 2020 -– which he identified as Sichuan Silence –- had “put American lives at risk.”


RELATED STORIES

FBI director: Chinese hackers targeting US infrastructure

Explained: What is America’s ‘blacklist’- and does it really work against China?

More China trade ‘hawks’ among Trump’s top State Department picks


Sichuan Silence and one of its chief employees, Guan Tianfeng, were now sanctioned by the U.S. Treasury Department, “for their roles in the compromise of tens of thousands of firewalls worldwide, including firewalls at U.S. critical infrastructure companies,” Miller said.

In addition, the State Department’s Rewards for Justice program was offering a reward of up to $10 million for any information about Sichuan Silence or Guan Tianfeng, the State Department spokesperson said.

No information was provided about which U.S. companies or pieces of infrastructure were targeted, but Miller said that Guan had attempted to deploy “ransomware” into his victims’ networks, which seize control of the system software and freeze its use until a payment is made.

U.S. law enforcement officials have warned that Chinese state-backed hackers are actively seeking to silently gain access to the software used to run important infrastructure like ports, electricity networks, hospitals and energy pipelines to “wreak havoc” at the right time.

The Treasury Department said in a press release that Sichuan Silence was “cybersecurity government contractor whose core clients are PRC intelligence services,” referring to the People’s Republic of China.

“Sichuan Silence provides these clients with computer network exploitation, email monitoring, brute-force password cracking, and public sentiment suppression products and services,” it said.

Human rights sanctions

To mark International Human Rights Day, the Commerce Department also unveiled new sanctions against eight other companies that stand accused of human rights violations in China, Myanmar and Russia.

The  U.S. Department of Justice headquarters building in Washington, July 14, 2009.
china-sanctions-firewall-human-rights-02 The U.S. Department of Justice headquarters building in Washington, July 14, 2009. (Jonathan Ernst/Reuters)

The two Chinese firms –- Beijing Zhongdun Security Technology Group and Zhejiang Uniview Technologies –- stand accused of selling items to the Chinese government for use in repression, a statement said.

Zhejiang Uniview Technologies was blacklisted “because it enables human rights violations, including high-technology surveillance targeted at the general population, Uyghurs, and members of other ethnic and religious minority groups,” according to a Federal Register filing.

The Myanmar firms -– Sky Aviator Company and Synpex Shwe Company –- were sanctioned, it adds, for selling the junta “parts and components that have enabled the military to carry out human rights violations, including brutal aerial attacks against the civilian population. ”

Two Russian companies –- Aviasnab LLC and Joint Stock Company Gorizont –- were also sanctioned for supplying the junta with parts, while the two remaining Russian companies were sanctioned for links to alleged human rights abuses that occurred within Russia itself.

The sanctions mean that no U.S. companies or individuals can do business with the companies, including by providing financial services like bank accounts or selling components for use in their products.

“Human rights abuses are contrary to the foreign policy interests of the United States,” said Alan Estevez, under secretary of commerce for industry and security, in a Commerce Department press release.

“By adding these parties to the Entity List with the presumption of denial license review policy, we aim to ensure that U.S. technology is not used to enable human rights violations and abuses,” he added.

Edited by Malcolm Foster.