A significant cybersecurity breach has compromised the US Treasury Department's systems, attributed to a Chinese state-sponsored hacking group. This incident, disclosed on Monday, involves unauthorized access to employee workstations and certain unclassified documents.
China-Based Hackers Breach US Treasury Department's Systems
China-Based Hackers Breach US Treasury Department's Systems
US Treasury Department confirms major cybersecurity incident involving Chinese state-sponsored hackers accessing internal data.
The breach reportedly occurred in early December, with details revealed in a letter sent by the Treasury to lawmakers. The letter indicates that the hackers exploited a vulnerability related to a third-party service provider, BeyondTrust, which offers remote technical support to Treasury employees.
According to Treasury officials, this China-based Advanced Persistent Threat (APT) actor was able to bypass security measures using a key granted to BeyondTrust, marking the event as a "major incident." Since then, Treasury has taken immediate action by removing the compromised service from operation and has been collaborating with the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) to assess the breach's implications.
Treasury officials emphasized that they are committed to defending their systems against ongoing threats. No evidence has emerged suggesting that the hackers continued to access Treasury data post-intrusion, underscoring a temporary breach rather than a sustained threat.
This incident highlights ongoing tensions between the US and China concerning cybersecurity, as US officials have frequently pointed to Chinese government-sponsored cyber-espionage. In response to the allegations, Chinese authorities have consistently denied involvement in hacking activities targeting US networks.
More developments are expected as investigations continue into the extent of the security breach, with an emphasis on safeguarding sensitive information going forward.
In the wake of this significant event, the Treasury Department reaffirms its commitment to cybersecurity, ensuring the protection of critical data against external threats.
According to Treasury officials, this China-based Advanced Persistent Threat (APT) actor was able to bypass security measures using a key granted to BeyondTrust, marking the event as a "major incident." Since then, Treasury has taken immediate action by removing the compromised service from operation and has been collaborating with the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) to assess the breach's implications.
Treasury officials emphasized that they are committed to defending their systems against ongoing threats. No evidence has emerged suggesting that the hackers continued to access Treasury data post-intrusion, underscoring a temporary breach rather than a sustained threat.
This incident highlights ongoing tensions between the US and China concerning cybersecurity, as US officials have frequently pointed to Chinese government-sponsored cyber-espionage. In response to the allegations, Chinese authorities have consistently denied involvement in hacking activities targeting US networks.
More developments are expected as investigations continue into the extent of the security breach, with an emphasis on safeguarding sensitive information going forward.
In the wake of this significant event, the Treasury Department reaffirms its commitment to cybersecurity, ensuring the protection of critical data against external threats.
