Beijing has dismissed allegations that a Chinese state-sponsored actor was behind a cyber breach at the US Treasury Department, labeling the claims as “groundless” and politically motivated.
Details of the Breach
The US Treasury disclosed the breach in a letter to Congress, revealing that the cyberattack resulted in unauthorized access to some workstations and unclassified documents.
The incident reportedly occurred earlier this month when the attacker compromised BeyondTrust, a third-party cybersecurity service provider. The breach allowed remote access to Treasury workstations before being detected and addressed.
The Treasury noted that the compromised BeyondTrust service had been taken offline and that there was “no evidence indicating the threat actor has continued access to Treasury systems or information.”
China’s Response
The Chinese Foreign Ministry vehemently denied the accusations. Spokeswoman Mao Ning stated, “China has always opposed all forms of hacker attacks, and we are even more opposed to spreading false information against China for political purposes.”
She emphasized that such claims lacked evidence, reiterating Beijing’s consistent rejection of allegations of state-sponsored hacking.
Attribution to a State-Sponsored Actor
The Treasury attributed the breach to a Chinese state-sponsored Advanced Persistent Threat (APT) actor. APT refers to sophisticated cyberattacks where intruders gain unauthorized access to a system and remain undetected for extended periods.
Further details on the breach’s impact have not been disclosed, but the Treasury promised to provide additional information in a supplemental report.
Ongoing Concerns Over Cybersecurity
The incident adds to the growing list of concerns about alleged Chinese-government-backed cyberattacks targeting critical infrastructure, businesses, and government entities worldwide.
- Past Incidents:
- In 2023, Chinese-based hackers, known as Storm-0558, breached email accounts at approximately 25 US government agencies, including the State Department and Commerce Secretary Gina Raimondo.
- In September, the US Justice Department neutralized a cyberattack network allegedly run by Chinese-government-backed hackers.
- In February, authorities dismantled a network, “Volt Typhoon,” accused of targeting key public infrastructure.
The US and other nations have repeatedly voiced alarm over cyber threats attributed to China. Beijing consistently denies these allegations and asserts its opposition to all forms of cyberattacks.
Treasury’s Commitment
The Treasury Department emphasized its commitment to securing its systems and safeguarding the data it holds. “Treasury takes very seriously all threats against our systems,” a spokesperson said.
Broader Implications
This breach highlights the persistent challenge of securing government systems against sophisticated cyber threats. As cyberattacks grow more advanced, governments and organizations worldwide face mounting pressure to bolster their defenses and address vulnerabilities in third-party services.
The diplomatic friction between the US and China over cybersecurity issues also underscores the increasing complexity of managing global cyber threats in an interconnected world.
