The United States has imposed sanctions on Integrity Technology Group, a prominent Beijing-based cybersecurity company, for its involvement in facilitating state-sponsored hacking activities targeting critical infrastructure.
Integrity Technology provided infrastructure to China’s Ministry of State Security (MSS) and several state-backed hacking groups, including the notorious Flax Typhoon, according to U.S. officials. The Treasury Department revealed that the company supported Flax Typhoon operations between the summer of 2022 and fall of 2023, enabling attacks on multiple U.S.-based victims.
Disruption of Integrity Technology’s Botnet
In September, the Department of Justice (DOJ) disrupted a botnet controlled by Integrity Technology that infected over 260,000 consumer devices. The FBI and the National Security Agency (NSA) simultaneously issued an advisory detailing Flax Typhoon’s tactics, techniques, and procedures (TTPs), as well as the infrastructure provided by Integrity Technology.
“Integrity Tech is a large PRC government contractor with ties to the Ministry of State Security,” said State Department spokesperson Matthew Miller. “The company provides services to national and municipal State Security and Public Security Bureaus, as well as other Chinese government cybersecurity contractors.”
Miller further elaborated that Flax Typhoon actors, operating under the direction of the PRC government, targeted critical infrastructure in the U.S. and overseas, including universities, government agencies, telecommunications providers, and media organizations.
Financial and Operational Impacts of Sanctions
The sanctions freeze all U.S.-based assets of Integrity Technology and restrict financial institutions from engaging with the company. Also known as Yongxin Zhicheng, the company is listed on the Shanghai Stock Exchange with a market capitalization of approximately $318 million and annual revenues of $56 million. Employing nearly 500 individuals, Integrity Technology specializes in network security products and is well-known in China for developing advanced cyber ranges—training tools simulating real-world digital systems.
Links to Cybercrime and Talent Cultivation
Founded in 2010 by prominent Chinese hacker Cai Jingjing, Integrity Technology has deep ties to China’s cyber-espionage apparatus. The company organizes the prestigious Matrix Cup hacking competition, granting it access to top cybersecurity talent. Recent leaks from rival information security firm i-SOON named Integrity Technology as a competitor and client, highlighting the interconnected web of private firms supporting China’s hacking campaigns.
Flax Typhoon’s Expansive Reach
First identified by Microsoft researchers in 2021, Flax Typhoon has targeted government agencies, critical manufacturing, education, and IT organizations, primarily in Taiwan. However, its operations have extended to Southeast Asia, North America, and Africa. FBI Director Christopher Wray described the group’s infection of IoT hardware—including cameras, video recorders, and storage devices—as a significant threat, noting that half of its botnet’s hijacked devices were located in the United States.
Using court authorization, the FBI successfully removed malware from infected devices and seized control of Flax Typhoon’s infrastructure. Investigations uncovered an Integrity Technology database containing over 1.2 million records of compromised devices. The malware was associated with the company’s branded tool, “KRLab,” which enabled malicious commands through an application dubbed the “vulnerability-arsenal.”
Broader Implications
The sanctions against Integrity Technology come amidst heightened tensions following revelations of Chinese hackers breaching the Treasury Department’s sanctions office through third-party software provider BeyondTrust. This underscores the persistent and evolving threat posed by state-sponsored hacking campaigns and the critical need for robust cybersecurity measures.
These sanctions mark a decisive step in countering cyber threats emanating from China, with U.S. officials signaling that further actions against state-sponsored cyber operations are likely.
Support truth, health, and preparedness by shopping the Alex Jones Store through our link. Every purchase helps sustain independent voices and earns us a 10% share to fuel our mission. Shop now and make a difference!
https://thealexjonesstore.com?sca_ref=7730615.EU54Mw6oyLATer7a
Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com
