sb.scorecardresearch

Published 07:03 IST, December 31st 2024

Chinese Hackers Target US Treasury in Major Cyberattack; Workstations Breached, Documents Stolen

The hack was discovered on December 8, when BeyondTrust, the external vendor, alerted the department about a stolen security key.

Reported by: Digital Desk
Follow: Google News Icon
  • share
China Cyberattack
China Cyberattack | Image: China Cyberattack

Washington: Chinese hackers accessed several workstations and unclassified documents of the US Treasury Department, the agency revealed on Monday. The breach was linked to a compromised third-party software provider, raising alarms over cybersecurity vulnerabilities, as per AP.

Treasury Confirms Cyber Incident  

The Treasury Department confirmed the breach in a letter to lawmakers, describing it as a “major cybersecurity incident.” While the department refrained from disclosing how many systems were compromised or the nature of the accessed documents, it clarified that there was no evidence of continued access to Treasury information.  

A Treasury spokesperson assured, “Treasury takes all threats to its systems seriously. Over the last four years, significant improvements have been made to bolster our cyber defenses.”  

Hack Linked to Chinese Espionage  

The breach coincides with ongoing investigations into a broader Chinese cyberespionage campaign, dubbed ‘Salt Typhoon.’ This campaign has reportedly granted Beijing access to private communications of several Americans. The White House recently disclosed that at least nine US telecommunications firms were affected by the campaign.

The hackers exploited a vulnerability in BeyondTrust, a third-party software vendor providing cloud-based technical support. On December 8, BeyondTrust flagged the theft of a critical key used to secure remote services. This allowed the attackers to override security measures and access employee workstations.  

Assistant Treasury Secretary Aditi Hardikar confirmed in a letter to the Senate Banking Committee that the compromised service has been taken offline. The department is now collaborating with the FBI and the Cybersecurity and Infrastructure Security Agency to assess the damage.  

The Treasury has attributed the attack to Chinese state-sponsored hackers but refrained from sharing further details. CNN reported that Treasury officials are likely to hold a classified briefing with the House Financial Services Committee next week, though the exact schedule remains undecided.  

,Roberta Kaplan, a lawyer who represented Carroll during the trial and is not related to the judge, said in a statement: “Both E. Jean Carroll and I are gratified by today’s decision. We thank the Second Circuit for its careful consideration of the parties’ arguments.”

Updated 10:13 IST, December 31st 2024