US Sanctions Sichuan Silence and Employee for Cyberattacks on 81,000 Sophos Firewalls

Dec 11, 2024, 04:41 AM

The United States has imposed sanctions on Sichuan Silence Information Technology Co Ltd, a Chinese cybersecurity firm, and one of its employees, Guan Tianfeng, for their involvement in cyberattacks targeting critical infrastructure. Guan Tianfeng, a 30-year-old Chinese national, has been charged with exploiting a zero-day vulnerability in 81,000 Sophos firewalls worldwide, which facilitated the infiltration of critical systems, theft of sensitive data, and targeting U.S. infrastructure in April 2020. The U.S. Department of State has announced a $10 million reward for information leading to the arrest of Guan and his co-conspirators. One notable incident involved an energy company actively involved in drilling during the attack.