January 7, 2025

OFAC designates Beijing-based cybersecurity company for enabling computer intrusions in the United States

On January 3, 2025, the U.S. Department of the Treasury’s Office of Foreign Assets Control designated Beijing-based cybersecurity company Integrity Technology Group, Incorporated for its alleged participation in multiple computer intrusion incidents in the United States.  According to OFAC, cybersecurity incidents that took place between the summer of 2022 and fall of 2023 were attributed to Flax Typhoon, a Chinese malicious state-sponsored cybergroup that often targets organizations associated with critical infrastructure sectors in the United States.  Flax Typhoon has also allegedly compromised computer networks in North America, Europe, Africa, and Asia by exploiting publicly known vulnerabilities and using legitimate remote access software to gain control over victims’ networks.  OFAC reported that actors associated with Flax Typhoon used infrastructure tied to Integrity Tech to exploit the computer networks of multiple victims and routinely sent and received information from Integrity Tech’s infrastructure.

This designation was imposed pursuant to Executive Order 13694, as amended by EO 13757, for engaging in cyber-enabled activities originating outside of the United States that threaten the national security, foreign policy or the economic health and stability of the United States.  As a result of these designations, all property and interests in property of the designated persons within the United States or within the possession or control of a U.S. person are blocked, and U.S. persons are generally prohibited from engaging in transactions involving a designated person.  Entities owned 50 percent or more by one or more blocked persons are also blocked.

U.S. Department of Treasury Press Release