US Treasury declares ‘major incident’ after apparent state-sponsored Chinese hack

(Image credit: Shutterstock)

The US Treasury has confirmed it suffered a breach
The compromise came through third party systems BeyondTrust
China have denied any involvement

The US Treasury Department has confirmed that documents have been stolen and systems have been breached in a cyber attack that it has dubbed a ‘major incident’. The compromise occurred through a third party cybersecurity service provider, BeyondTrust, which allowed remote access to key systems.

Through this system, hackers were able to gain access used by the vendor to override parts of the Treasury Department’s systems, the agency confirmed in a disclosure letter to Congress. The third-party system, which ordinarily offers remote technical support to employees, has since been taken offline.

Initial assessments by the agency suggest the attack was carried out by ‘a China-based Advanced Persistent Threat Actor’, officials said. China has called the accusation ‘baseless’, and said it "consistently opposes all forms of hacking".

A short-lived breach

Suspicious activity was first spotted on December 2, and the Treasury was made aware of the hack on December 8 by BeyondTrust, although it took the company three days to determine that it had been breached.

It’s not clear what type of files were taken, or what these files relate to, but more details are expected to be revealed in the Treasury’s 30-day supplemental report.

This attack follows a huge telecoms breach which targeted 9 major US telecommunications firms and compromised millions of individuals.

The telecoms breach, attributed to Chinese state-sponsored group, Salt Typhoon, resulted in a vow of retribution from President-elect Trump, and China also denied wrongdoing relating to this hack.

"The US needs to stop using cyber security to smear and slander China, and stop spreading all kinds of disinformation about the so-called Chinese hacking threats," said embassy spokesman for the Chinese embassy in Washington DC, Liu Pengyu.

Via BBC

Take a look at our pick of the best malware removal software
FBI confirms Chinese hackers accessed US government official devices
Check out our pick for best antivirus software

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.