In a significant move against cybercrime, the United States has announced a US$10 million (S$13 million) reward for information leading to the arrest of Chinese national Guan Tianfeng. The 30-year-old is believed to be residing in Sichuan province, China, and is wanted for his alleged involvement in hacking incidents that exploited vulnerabilities in computer firewalls.
Indictment and Allegations
On 10 December 2024, an indictment was unsealed charging Guan with conspiracy to commit computer and wire fraud. The US Treasury Department also sanctioned the company he was affiliated with, Sichuan Silence Information Technology, indicating its role in these cyber attacks.
Exploiting Vulnerabilities
- Guan and his co-conspirators reportedly exploited a vulnerability in firewall devices sold by Sophos, a cybersecurity firm based in the UK.
- In April 2020, approximately 81,000 firewall devices were attacked globally, including over 23,000 in the US.
- 36 of these were critical to the infrastructure of companies in the US, raising concerns about national security.
US Deputy Attorney General Lisa Monaco stated, “The defendant and his co-conspirators exploited a vulnerability in tens of thousands of network security devices, infecting them with malware designed to steal information from victims around the world.” This attack aimed at stealing sensitive data like usernames and passwords and attempted to install ransomware.
China’s Response
The Chinese government quickly condemned the US actions. Foreign Ministry spokeswoman Mao Ning remarked that China opposes the “excessive application of illegal unilateral sanctions… against Chinese entities and individuals.” She hinted that China would take necessary measures to protect the rights of its citizens and companies.
Consequences of the Cyber Attacks
According to the indictment, the data siphoned from these cyber attacks was sold to various Chinese businesses and government entities, including the Ministry of Public Security. The implications of such breaches underscore the importance of robust cybersecurity measures across the globe.
As cyber threats continue to evolve, the international community is closely monitoring this situation, highlighting the critical intersection of technology and diplomacy.