U.S. Unleashes Targeted Response to PRC-Connected Cyber Intruders Behind Treasury Breach and Salt Typhoon Operations

The United States is enacting sanctions today against Yin Kecheng and Sichuan Juxinhe Network Technology Co., LTD. (Sichuan Juxinhe), malevolent cyber actors tied to the People’s Republic of China (PRC) accountable for severe breaches against U.S. victims.

Yin Kecheng, a cyber threat actor based in Shanghai and linked to the PRC Ministry of State Security, was connected to the recent breach of the Department of Treasury’s network. Sichuan Juxinhe is a cybersecurity firm located in Sichuan that has direct involvement in the Salt Typhoon malicious cyber operations. The PRC-associated Salt Typhoon activities account for numerous compromises of U.S. telecommunications and internet service provider companies as part of an extensive and significant cyber espionage initiative.

Hackers from the PRC represent an ongoing and serious threat to our national security, and these breaches of U.S. governmental systems and essential infrastructure exemplify the PRC’s readiness to act in a malicious and reckless manner within cyberspace. We are disseminating information to nations worldwide on how to detect PRC breaches in their systems and implement best practices to strengthen their networks.

Alongside sanctions, the U.S. Department of State’s Rewards for Justice (RFJ) program, managed by the Diplomatic Security Service, is offering a reward of up to $10 million for information leading to the identification or location of any individual who, while acting under the directive or control of a foreign government, participates in specific malicious cyber activities targeting U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act.

The United States will persist in employing all available resources to impose consequences for, defend against, and avert PRC cyber threats to the safety and security of Americans, U.S. critical infrastructure, and that of our allies and partners.