Cybersecurity Concerns Escalate
Tensions between the United States and China have intensified following the Treasury Department’s confirmation of a security breach. The incident involved hackers, allegedly backed by Beijing, gaining unauthorized access to sensitive documents from the government agency’s offices.
The breach was discovered by a software service provider and occurred on December 8. According to the Treasury Department, the hackers obtained a key used by the cybersecurity service ‘BeyondTrust’ for technical support, allowing them to remotely access user workstations and access unclassified documents.
The affected organization is working with the United States Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to assess the impact of the attack. The Treasury has confirmed that the compromised service is no longer in operation, describing the incident as “a major cybersecurity incident.”
Attribution and Denial
Aditi Hardikar, Secretary of Management, attributed the incident to a Chinese state-sponsored Advanced Persistent Threat (APT) actor, citing available indicators. However, China has denied any involvement, citing a lack of evidence. A Chinese embassy spokesman stated that Beijing “firmly opposes defamatory attacks” by the United States without factual basis.
The Chinese Ministry of Foreign Affairs also emphasized that China opposes all forms of cyber attacks and spreading false information about China for political purposes.
Previous Incidents
This is not the first time the United States has detected cyber attacks from China. In September 2024, an espionage campaign by the Chinese government was uncovered, in which hackers gained access to over 12 telecommunications companies in an operation dubbed “Salt Typhoon.” The hackers accessed real-time calls and text messages from hundreds of citizens, making it one of the worst attacks suffered by the United States.