Chinese hackers gained remote access to several U.S. Treasury Department workstations and unclassified documents by exploiting vulnerabilities in a third-party software provider in what the agency on Monday called a “major cybersecurity incident.”
Why It Matters
Hacking competitions in China have surged over recent years, supported by strong government backing and rising public interest, raising alarm in the U.S., where officials are warning that the widening cyber skills gap is placing America at a strategic disadvantage and posing national security risks.
China has made great strides since President Xi Jinping‘s call for the nation to become a “cyber powerhouse” a decade ago. University programs in cybersecurity have been standardized, a National Cybersecurity Talent and Innovation Base capable of certifying 70,000 cybersecurity experts per year was established and the hacking competitions—many touting their alignment with Xi’s “powerhouse” ambition—have proliferated.
What To Know
The Treasury Department disclosed that it became aware of the breach on December 8 after BeyondTrust, a third-party software provider, reported that hackers had stolen a key enabling them to bypass security protocols and access several employee workstations remotely.
Chip Somodevilla/Getty Images
The affected service has been taken offline, and there is no indication that the hackers still have access to Treasury Department information, Assistant Secretary Aditi Hardikar stated in a letter sent Monday to Senate Banking Committee leaders.
Similar Chinese Hacking Instances
Earlier this month, a White House official said that at least eight U.S. telecom companies had been breached by a Chinese hacking company.
Deputy national security adviser Anne Neuberger disclosed the details about the extensive Chinese hacking operation that allowed Beijing to access private text messages and phone conversations involving an undisclosed number of Americans.
Neuberger discussed the extent of the breach just a day after the FBI and Cybersecurity and Infrastructure Security Agency released guidance aimed at identifying the hackers and preventing future cyberespionage. White House officials warned that the list of affected telecommunications companies and countries could continue to expand.
According to Neuberger, U.S. officials believe the hackers successfully accessed communications belonging to senior government leaders and high-profile political figures through the breach.
Neuberger noted that President Joe Biden had been briefed about the telecom hacking incident and said that he “has made it a priority for the federal government to do everything it can to get to the bottom this.”
What People Are Saying
The Treasury Department has not disclosed the number of workstations accessed or the nature of the documents potentially obtained by the hackers. However, in a letter to lawmakers revealing the breach, the department stated: “At this time, there is no evidence indicating the threat actor has continued access to Treasury information.”
The agency added: “Treasury takes very seriously all threats against our systems, and the data it holds…Over the last four years, Treasury has significantly bolstered its cyber defense, and we will continue to work with both private and public sector partners to protect our financial system from threat actors.”
What’s Next
The Treasury Department said it is collaborating with the FBI and the Cybersecurity and Infrastructure Security Agency on the investigation, adding that the breach has been attributed to Chinese hackers. Further details were not provided.
This article includes reporting from The Associated Press.
