WASHINGTON – Chinese hackers gained remote access to multiple U.S. Treasury workstations and unclassified documents after compromising a third-party software service provider, the agency announced Monday.
The department did not provide details about the number of workstations accessed or the types of documents the hackers may have obtained, but said in a letter to lawmakers disclosing the breach that “at this time, we do not believe the threat “There is no evidence that the actors are continuing to operate.” Access to Treasury information. said the hack was being investigated as a “serious cybersecurity incident.”
“The Treasury Department takes very seriously any threats to our nation’s systems and the data we hold,” a ministry spokesperson said in a separate statement. “Over the past four years, Treasury has significantly strengthened our cyber defenses and will continue to work with private and public sector partners to protect the financial system from threat actors.”
Agence France-Presse cited China’s Foreign Ministry as saying that China denies any involvement and that China “always opposes all forms of hacker attacks, and even more so opposes the spread of false information against China for political purposes.” ” he was reported to have said.
Foreign Ministry spokesperson Mao Ning said: “We have repeatedly expressed our position on these baseless accusations, which lack evidence.”
Chinese embassy spokesperson Liu Pengyu dismissed the allegations as an effort to “taint” China’s reputation.
“The United States needs to stop using cybersecurity to smear and smear China, and stop spreading all kinds of disinformation about the so-called Chinese hacking threat,” he said in a statement, adding that China itself “is a target of international cyber-attacks, and we consistently oppose and combat cyber-attacks in all their forms.”
The revelations come as U.S. authorities continue to grapple with the aftermath of the massive disaster. Massive Chinese cyber espionage operation known as Salt Typhoon This gave authorities in Beijing access to the private text messages and phone conversations of an unspecified number of Americans. A senior White House official announced Friday that the number of carriers confirmed to have been affected by the hack has increased to nine.
The Treasury Department reported that BeyondTrust, a third-party software service provider, had keys “used by the vendor to secure cloud-based services used to remotely provide technical support” stolen by hackers. He said he learned of the issue on December 8th. To the workers. This key helped hackers disable the service’s security and gain remote access to multiple employees’ workstations.
The compromised services have since been taken offline and there is no evidence that the hackers still have access to departmental information, Assistant Treasury Secretary Aditi Hardikar wrote in a Monday letter to leaders of the Senate Banking Committee. I mentioned it in.
The department said it was working with the FBI and the Cybersecurity and Infrastructure Security Agency and attributed the hack to Chinese nationals. He did not elaborate.
more