China blamed by US for Treasury Department hack | Cybersecurity News

The unclassified documents were stolen after a hack earlier this month, the Treasury Department said in a letter to Congress.

Chinese state-sponsored hackers managed to steal unclassified documents from United States Treasury Department workstations earlier this month, the US Treasury Department said.

The department said Monday that hackers were able to compromise a third-party cybersecurity service provider and gain access to documents in what it described as a “major incident.”

“[The hackers] gained access to a key used by a vendor to secure a cloud-based service used to remotely provide technical support to end users of the Treasury Department’s (DO) Office,” the US Treasury Department said in a letter to Congress. “With access to the stolen key, a threat actor was able to override the security of the service, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users.”

A statement from the Ministry of Finance states that the department “takes very seriously all threats to our systems and the data in its possession.”

On Dec. 8, the Treasury Department was alerted to a hack by cybersecurity service provider BeyondTrust. The department says it is working with the US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to assess the impact of the hack.

“The compromised BeyondTrust service has been shut down and there is no evidence to suggest that the threat actor has continued access to Treasury Department systems or information,” a Treasury spokesman told AFP.

A letter to the leadership of the US Senate Banking Committee directly blamed China, saying the incident was “attributed to a Chinese state-sponsored Advanced Persistent Threat (APT) actor”.

An APT is a cyber attack in which a hacker can maintain undetected and unauthorized access to a target for a specified period of time.

The Ministry of Finance said more information would be released in a supplementary report at a later date.

The hacking report comes less than a month before the inauguration of US President-elect Donald Trump.

Trump threatened China with a trade war and tariffs, saying Beijing has not done enough stop the flow of the opioid fentanyl into the US.

Both Trump’s Republicans and Democrats have warned of Chinese threats to the US, particularly in the area of ​​cyber security.

In September, the US Department of Justice said it had shut down a network of cyberattacks led by China-backed hackers that affected 200,000 devices worldwide.

And earlier in December, the USA sanctioned a Chinese cyber security company and a researcher on a 2020 attack that attempted to exploit a computer software vulnerability in company firewalls.

China has denied any involvement in the attacks and says it opposes all forms of cyber attacks.