The Chinese government has responded to allegations linking Chinese government-supported attackers to the recent cyber breach at the U.S. Treasury Department, dismissing the accusations as “baseless.”
The breach was carried out through a third-party cybersecurity service provider, according to a letter from the Treasury to lawmakers. The hackers were able to access keys used by vendors to bypass certain parts of the system.
The Treasury Department confirmed that the incident took place earlier in the month, allowing the attackers to remotely access the workstation and obtain some unclassified documents.
China refuted the claims on Tuesday, stating that it opposes all forms of hacker attacks and especially rejects the propagation of false information for political motives.
Speaking on behalf of the Foreign Ministry, Mao Ning said, “We have consistently refuted these unfounded accusations without supporting evidence.”
The Treasury Department reported the breach to the U.S. Cybersecurity and Infrastructure Security Agency after being informed by the third-party provider and is collaborating with law enforcement to assess the situation.
A department spokesperson stated, “The compromised services have been disabled, and there is no indication that the attackers continued to infiltrate Treasury systems or data.”
In a letter to the Senate Banking Committee leadership, the Treasury Department stated, “Based on available evidence, this incident appears to be the work of a Chinese state-sponsored Advanced Persistent Threat (APT) actor.”
APT refers to a cyber attack where an intruder gains unauthorized access to a target and remains undetected for an extended period.
The ministry did not disclose the extent of the impact of the breach but promised to provide further details in a subsequent report.
“The Treasury Department treats any threat to our nation’s systems and data with utmost seriousness,” the spokesperson emphasized.
Several countries, including the United States, have expressed concerns about Chinese government-supported hacking campaigns targeting their governments, militaries, and enterprises.
While the Chinese government has denied the allegations, it has previously stated that it opposes and cracks down on all forms of cyber attacks.
In September, the U.S. Department of Justice announced the neutralization of a global cyber attack network affecting 200,000 devices, allegedly operated by Chinese government-backed hackers.
In February, U.S. authorities revealed the dismantling of a hacker network called Bolt Typhoon that targeted critical public infrastructure at China’s direction.
In 2023, Microsoft disclosed that China-based hackers had infiltrated email accounts at numerous U.S. government agencies in search of intelligence information.
The hacker group “Storm-0558” breached the email accounts of around 25 organizations and government agencies, including the State Department and Commerce Secretary Gina Raimondo.
Source: www.theguardian.com
