US Treasury Reports Cyberattack Attributed to China
Chinese hackers, believed to be state-sponsored, have reportedly breached the US Treasury Department's systems and obtained access to unclassified documents. Read Full Article at RT.com
TroibNews 
The cybersecurity breach has been deemed a “major incident,” and the intelligence community is currently evaluating its consequences.
According to a letter from the US Treasury Department sent to lawmakers on Monday, alleged state-sponsored Chinese hackers have gained entry into the US Treasury, allowing them access to unclassified documents and specific workstations utilized by government employees.
The breach was first reported to the Treasury on December 8 by BeyondTrust, a third-party software service provider. The hackers managed to obtain a security key used by the vendor to protect a cloud-based service that provides remote technical support for Treasury Departmental Offices' end users. With this key, the attackers could bypass the service’s security, remotely access selected workstations, and retrieve unclassified documents stored on those systems.
“Based on available indicators, the incident has been attributed to a Chinese state-sponsored Advanced Persistent Threat actor,” the Treasury noted in a letter dated December 30.
The department categorized the breach as a major cybersecurity incident and is working in conjunction with the FBI, the broader intelligence community, and other investigators to gauge its impact. The compromised service has been disabled, and there is currently no indication that the perpetrators still have access to any Treasury information.
A spokesperson for the Treasury Department stressed the seriousness with which they approach such threats and their dedication to collaborating with both private and public sector partners to safeguard the financial system, as reported by the New York Times. Additional details regarding the intrusion will be shared in a supplemental report to Congress within 30 days.
This incident comes on the heels of reports about a breach linked to another alleged Chinese hacking group known as Salt Typhoon, which infiltrated US telecommunications systems extensively. The hackers reportedly accessed phone conversations and text messages from US officials, including those of President-elect Donald J. Trump and Vice President-elect JD Vance, in what has been described as “the largest telecommunications hack in our nation’s history.”
The Salt Typhoon attack focused on the networks of major telecommunications companies like AT&T, Verizon, and Lumen. This infiltration offered the hackers critical insights into US surveillance activities, including a nearly complete list of phone numbers that the Justice Department has wiretapped to monitor individuals suspected of engaging in criminal activities or espionage.
In response to the hacking allegations, Beijing has consistently denied any wrongdoing. Earlier this month, the Chinese Foreign Ministry asserted that the US uses accusations of hacking to defame China and to rationalize unilateral sanctions.
“We urge the US to stop using cybersecurity issues to smear and vilify China and to cease imposing illicit unilateral sanctions,” stated Chinese Foreign Ministry spokesperson Mao Ning.
Ian Smith contributed to this report for TROIB News
According to a letter from the US Treasury Department sent to lawmakers on Monday, alleged state-sponsored Chinese hackers have gained entry into the US Treasury, allowing them access to unclassified documents and specific workstations utilized by government employees.
The breach was first reported to the Treasury on December 8 by BeyondTrust, a third-party software service provider. The hackers managed to obtain a security key used by the vendor to protect a cloud-based service that provides remote technical support for Treasury Departmental Offices' end users. With this key, the attackers could bypass the service’s security, remotely access selected workstations, and retrieve unclassified documents stored on those systems.
“Based on available indicators, the incident has been attributed to a Chinese state-sponsored Advanced Persistent Threat actor,” the Treasury noted in a letter dated December 30.
The department categorized the breach as a major cybersecurity incident and is working in conjunction with the FBI, the broader intelligence community, and other investigators to gauge its impact. The compromised service has been disabled, and there is currently no indication that the perpetrators still have access to any Treasury information.
A spokesperson for the Treasury Department stressed the seriousness with which they approach such threats and their dedication to collaborating with both private and public sector partners to safeguard the financial system, as reported by the New York Times. Additional details regarding the intrusion will be shared in a supplemental report to Congress within 30 days.
This incident comes on the heels of reports about a breach linked to another alleged Chinese hacking group known as Salt Typhoon, which infiltrated US telecommunications systems extensively. The hackers reportedly accessed phone conversations and text messages from US officials, including those of President-elect Donald J. Trump and Vice President-elect JD Vance, in what has been described as “the largest telecommunications hack in our nation’s history.”
The Salt Typhoon attack focused on the networks of major telecommunications companies like AT&T, Verizon, and Lumen. This infiltration offered the hackers critical insights into US surveillance activities, including a nearly complete list of phone numbers that the Justice Department has wiretapped to monitor individuals suspected of engaging in criminal activities or espionage.
In response to the hacking allegations, Beijing has consistently denied any wrongdoing. Earlier this month, the Chinese Foreign Ministry asserted that the US uses accusations of hacking to defame China and to rationalize unilateral sanctions.
“We urge the US to stop using cybersecurity issues to smear and vilify China and to cease imposing illicit unilateral sanctions,” stated Chinese Foreign Ministry spokesperson Mao Ning.
Ian Smith contributed to this report for TROIB News
