The United States Treasury was hacked by one of China's intelligence agencies, the department announced Monday, with hackers remotely accessing workstations as well as unclassified documents.
The revelation came in a letter to lawmakers, with the agency stating that “at this time there is no evidence indicating the threat actor has continued access to Treasury information.” The “major cybersecurity incident” came through a third-party software service provider.
“Treasury takes very seriously all threats against our systems, and the data it holds,” a department spokesperson said in a statement, reports AP. “Over the last four years, Treasury has significantly bolstered its cyber defense, and we will continue to work with both private and public sector partners to protect our financial system from threat actors.”
In a letter informing lawmakers of the episode, the Treasury Department said it had been notified on Dec. 8 by a third-party software service company, BeyondTrust, that the hacker had obtained a security key that allowed it to gain remote access to certain Treasury workstations and documents on them.
“Based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor,” the letter said. “In accordance with Treasury policy, intrusions attributable to an APT are considered a major cybersecurity incident.” […]
But the admission by the administration about the Treasury Department comes at a particularly sensitive moment, just as the Biden White House is dealing with one of the most far-reaching, and damaging, hacks into American infrastructure in the cyberage.
In recent months, a series of revelations have shown how a sophisticated Chinese intelligence group, called Salt Typhoon, penetrated deep into at least nine U.S. telecommunications firms.
That breach exploited critical gaps in the patched-together U.S. telecommunications infrastructure, giving the hackers access to not only text messages but also phone conversations. Investigators said that among the targets were the commercial, unencrypted phone lines used by President-elect Donald J. Trump, Vice President-elect JD Vance and top national security officials, though it is not clear what conversations, if any, the hackers were able to monitor.
The Salt Typhoon hackers also obtained a nearly complete list of phone numbers the Justice Department has wiretapped to monitor people suspected of crimes or espionage, giving the Chinese government insight into which Chinese spies the United States has identified — and which it has missed. As a result, the breach has concerned counterintelligence officials, who fear that Beijing will learn who is under suspicion and who is not. (NYT)
In typical fashion, China denied the allegation.
“We have repeatedly stated our position on such groundless accusations that lack evidence,” Foreign Ministry spokesperson Mao Ning said at a daily briefing, according to AP. “China consistently opposes all forms of hacking, and we are even more opposed to the dissemination of false information against China for political purposes.”
Join the conversation as a VIP Member