Unlock the White House Watch newsletter for free
A guide to what the 2024 US election means for Washington and the world.
Chinese state-sponsored attackers hacked the U.S. Treasury through a third-party service provider in a “major cybersecurity incident,” the department announced Monday.
In a letter to the Senate Banking Committee obtained by the Financial Times, the Treasury Department said on Dec. 8 that hackers obtained security keys from software company Beyond Trust and breached multiple remote government workstations. He said he was informed that he had gained access as a result. Unclassified documents regarding them.
“Based on available indicators, this incident is believed to be the work of a Chinese state-sponsored Advanced Persistent Threat (APT) actor,” the letter said. “In accordance with Treasury Department policy, intrusions caused by APTs are considered serious cybersecurity incidents.”
The department said it is working with the FBI and other investigators in the broader intelligence community to determine the impact of the hack. “At this time, there is no evidence that the attackers continued to access Treasury information,” it added.
In a separate statement Monday, a Treasury Department spokesperson said the agency “takes all threats to our systems and the data we hold very seriously.”
“We continue to work with our private and public sector partners to protect the financial system from threat actors,” the official added.
Liu Pengyu, a spokesperson for the Chinese embassy in Washington, said on Monday: “When clarifying the characteristics of a cyber incident, it is important for relevant parties to base their conclusions on sufficient evidence and use professional expertise rather than baseless speculation and accusations.” I hope that they will behave responsibly.”
He added: “The United States needs to stop using cybersecurity to smear and smear China, and stop spreading all kinds of disinformation about the so-called Chinese hacking threat.”
The breach is the latest cybersecurity breach involving U.S. targets allegedly carried out on behalf of China.
The Biden administration announced in October that the FBI and Cybersecurity and Infrastructure Security Agency were investigating what it said was “unauthorized access to commercial telecommunications infrastructure by persons with ties to the People’s Republic of China.” Hackers have reportedly targeted the cellphones of President-elect Donald Trump and his running mate J.D. Vance in the run-up to the US election.
Underscoring the level of concern, the Commerce Department in September proposed banning Chinese software and hardware for vehicles with built-in internet connectivity to limit China’s access to Americans’ data. Measures have been taken.
