US Treasury Department Hit by Chinese State-Sponsored Hackers
A major cybersecurity incident occurred in early December when Chinese state-sponsored hackers broke into the US Treasury Department’s systems. The hackers accessed employee workstations and some unclassified documents, officials revealed on Monday .
The breach was made possible by a China-based actor who overrode security using a key from a third-party service provider, BeyondTrust, which offers remote technical support to Treasury employees. The compromised service has since been taken offline, and there’s no evidence to suggest the hacker still has access to Treasury Department information.
The US agency is working with the FBI, Cybersecurity and Infrastructure Security Agency, and third-party forensic investigators to investigate the impact of the breach. Based on the evidence gathered so far, officials believe the hack was carried out by a China-based Advanced Persistent Threat (APT) actor.
The Treasury Department takes the breach seriously, stating that “intrusions attributable to an APT are considered a major cybersecurity incident.” The agency is committed to protecting its data from outside threats and has significantly bolstered its cyber defense over the past four years .
