Chinese Hackers Breach US Treasury Systems
The US Treasury Department confirmed a cybersecurity breach attributed to a Chinese state-sponsored actor. The intrusion, described as a “major cybersecurity incident,” occurred through a third-party software service provider, BeyondTrust Inc., which notified the department on December 8.
Details of the Hack and Initial Findings
Hackers exploited a vulnerability in BeyondTrust’s cloud-based service, used for remote technical support for Treasury Departmental Offices. The attackers gained access to specific Treasury workstations and unclassified documents. While the compromised service has been taken offline, investigations continue to assess the full extent of the breach.
Collaboration with Cybersecurity Agencies
The Treasury is working with the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and third-party forensic investigators to analyze the breach. BeyondTrust has also contacted law enforcement and is assisting with the investigation. The company has assured that only a limited number of clients were affected and notified.
Chinese Embassy Denies Allegations
The Chinese embassy in Washington denied the hacking allegations, calling them baseless and accusing the US of spreading disinformation. These denials come amid escalating cybersecurity tensions between the US and China.
Broader Cybersecurity Concerns
The breach coincides with a larger cyber-espionage campaign against US telecommunications companies, allegedly by Chinese hackers known as “Salt Typhoon.” The group reportedly accessed sensitive communications, including those of political figures like former President Donald Trump and Vice President Kamala Harris’ campaign staff.
Implications for US-China Relations
This breach follows a period of relative calm in US-China relations, marked by diplomatic meetings and agreements. However, cybersecurity incidents like this threaten to reignite tensions, with the US planning further actions to hold Beijing accountable, including a ban on China Telecom.
Next Steps in Addressing the Breach
US officials are working to secure federal systems and mitigate potential risks. Lawmakers, including Senate Banking Committee members, have requested detailed briefings on the incident. Meanwhile, the Biden administration is exploring additional measures to counter Chinese cyber-espionage efforts.
The Treasury breach highlights the increasing need for robust cybersecurity measures and international accountability to prevent state-sponsored cyberattacks.