Chinese-linked cyberattack targets US treasury systems
The United States Treasury Department reported a cyberattack that allowed hackers, allegedly sponsored by Chinese authorities, to access department employees' computers via third-party software. According to NBC News, authorities described the situation as a "serious incident."
The attackers accessed the Treasury Department systems through BeyondTrust, a cybersecurity services provider offering remote technical support. It was reported that hackers could bypass security measures and access user workstations by compromising a security key used by BeyondTrust.
The threat was made possible by accessing a key used to secure cloud services – this was stated in a letter to Senators Sherrod Brown and Tim Scott.
China reacts to the allegations
According to NBC News, Chinese authorities categorically denied the accusations. "China has always opposed all forms of hacking attacks, and we are even more opposed to the dissemination of false information targeting China for political purposes," declared Mao Ning, spokeswoman for the Chinese Ministry of Foreign Affairs.
US authorities, including the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and forensic specialists, are working on a full assessment of the incident and its potential implications.
According to NBC News, a Treasury Department spokesperson confirmed that the compromised BeyondTrust service was removed from the network and stated there is no indication of continued hacker access to the department's systems.
The department takes all threats to its systems and data very seriously. Cyber defences have been significantly strengthened in recent years – it was added in the statement.
