The United States announced a $10 million reward on Tuesday for information leading to the capture of a Chinese national and his associates accused of hacking computer firewalls. Guan Tianfeng, 30, is reportedly residing in Sichuan province, according to the U.S. State Department.
An unsealed indictment charged Guan with conspiracy to commit computer fraud and wire fraud. The Treasury Department also imposed sanctions on his employer, Sichuan Silence Information Technology Co. Ltd.
China promptly criticized the U.S. actions, accusing it of using cybersecurity issues to undermine China’s reputation. “We firmly oppose the excessive application of illegal unilateral sanctions against Chinese entities and individuals,” said Foreign Ministry spokeswoman Mao Ning on Wednesday. She added that China would take necessary measures to protect the rights and interests of its companies and citizens.
Guan and his associates allegedly exploited a vulnerability in firewalls produced by UK-based cybersecurity firm Sophos Ltd, according to the indictment. Deputy Attorney General Lisa Monaco stated, “The defendant and his co-conspirators used this vulnerability to infect tens of thousands of network security devices with malware designed to steal information globally.”
The indictment detailed a massive attack in April 2020, targeting 81,000 firewall devices worldwide, including 23,000 in the U.S., 36 of which belonged to critical infrastructure systems. The attackers sought to steal data such as usernames and passwords while deploying ransomware.
FBI agent Herbert Stapleton emphasized the importance of Sophos’s quick response, noting, “If Sophos had not rapidly identified the vulnerability and implemented a comprehensive response, the consequences could have been far worse.”
The indictment also revealed that Sichuan Silence provided hacked data and services to Chinese businesses and government agencies, including the Ministry of Public Security.
When contacted for comment, a representative of Sichuan Silence declined to discuss the sanctions, stating the company does not grant interviews. The individual, who did not provide his name, also claimed Guan was “uncontactable.”