Overview

• Britain’s NCSC and security bodies from 13 countries published a warning that names Sichuan Juxinhe Network Technology, Beijing Huanyu Tianqiong Information Technology, and Sichuan Zhixin Ruijie Network Technology as providers of services to China’s intelligence units.
• Officials say linked activity has targeted nationally significant organizations worldwide since 2021, including government, telecommunications, transportation and military infrastructure, with a cluster observed in the UK.
• Authorities report the intrusions relied on publicly known vulnerabilities rather than novel exploits or bespoke malware, and they urge organizations to proactively hunt for indicators of compromise, apply mitigations, and review network device logs.
• The operations overlap with campaigns labeled “Salt Typhoon”; the U.S. has sanctioned Sichuan Juxinhe over ties to that activity, which has been accused of sweeping up vast volumes of American call records.
• The statement comes from an unusually broad coalition that includes the Five Eyes plus Germany, Italy, Japan, the Netherlands, Poland, Spain, Finland and the Czech Republic; Beijing typically denies sanctioning cyber-espionage.