The United States has offered a reward of $10 million for information leading to the arrest of a Chinese national and his accomplices, accused of hacking computer firewalls.
Guan Tianfeng, aged 30, is believed to reside in Sichuan Province, China, according to the US State Department.
An indictment unsealed on Tuesday charges Guan with conspiracy to commit computer fraud and conspiracy to commit wire fraud.
The US Treasury Department announced sanctions against Sichuan Silence Information Technology Co Ltd, the company Guan is associated with.
Exploiting Security Vulnerabilities
Guan and his collaborators at Sichuan Silence allegedly exploited a vulnerability in firewalls developed by the UK-based cybersecurity firm Sophos Ltd, the indictment revealed.
“The defendant and his co-conspirators exploited a vulnerability in tens of thousands of network security devices, infecting them with malware designed to steal information from victims across the globe,” Deputy Attorney General Lisa Monaco said in a statement.
In April 2020, more than 81,000 firewall devices worldwide were attacked simultaneously, the indictment noted. The attackers sought to steal data such as usernames and passwords and attempted to install ransomware.
Among these devices, over 23,000 were located in the United States, including 36 protecting critical infrastructure systems, according to the Treasury Department.
Mitigating the Threat
“The zero-day vulnerability that Guan Tianfeng and his co-conspirators exploited affected firewalls belonging to businesses across the United States,” said FBI agent Herbert Stapleton.
“Had Sophos not quickly identified the vulnerability and implemented a thorough response, the damage could have been far worse,” Stapleton added.
Links to Government and Business
The indictment alleges that Sichuan Silence Information Technology Co Ltd sold hacking services and data stolen through cyberattacks to Chinese businesses and government agencies, including the Ministry of Public Security.
The US reward highlights the severity of cyber threats posed by state-affiliated actors, with the United States taking significant steps to counter cyberattacks and hold those responsible accountable.