Sichuan Silence Information Technology

About

The U.S. Department of State’s Rewards for Justice (RFJ) program, which is administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, engages in certain malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act.

People’s Republic of China-based Sichuan Silence Information Technology Co. Ltd. (Sichuan Silence) has provided services to China’s Ministry of Public Security, among other Chinese government agencies. According to Sichuan Silence’s website, it developed a product line which could be used to scan and detect overseas network targets to obtain valuable intelligence information.

In 2020, Chinese national Guan Tianfeng and other employees of Sichuan Silence developed and tested intrusion techniques prior to deploying malicious software that allowed them to exploit a zero-day vulnerability in certain firewalls sold by U.K.-based cybersecurity firm Sophos Ltd. They deployed malware worldwide, permitting access to certain Sophos firewalls without authorization, causing damage to them, and allowing them to retrieve and exfiltrate data from both the firewalls themselves and the computers behind these firewalls. The malware also was designed to encrypt files on infected computers if a victim attempted to remediate the infection. Sichuan Silence used the exploit to infiltrate approximately 81,000 firewall devices, including a firewall device used by a U.S. government agency.

Anyone with information on Guan Tianfeng, Sichuan Silence, associated individuals or entities, or their malicious cyber activity should contact Rewards for Justice via the Tor-based tips-reporting channel at: he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion (Tor browser required).