Chinese hackers have reportedly broken into key offices within the U.S. Treasury Department tasked with reviewing foreign investments and transactions that could threaten U.S. national security.
CNN cited a U.S. official familiar with the incident as saying that the Chinese hackers were using the Committee on Foreign Investment in the United States, which can approve or deny transactions with the United States, as well as transactions that pose national security risks, such as mergers and acquisitions. CFIUS) was targeted. Contains U.S. classified information.
Treasury officials confirmed to TechCrunch last week that the company is investigating a “major cybersecurity incident” following a breach at one of its security vendors, BeyondTrust. According to the Treasury Department, the hackers used stolen BeyondTrust keys to gain entry and remotely access staff workstations and documents on the department's unclassified network. It was later revealed that Chinese hackers had also infiltrated the department's Office of Foreign Assets Control (OFAC), which is responsible for international financial sanctions.
U.S. cybersecurity agency CISA said this week that there was no evidence the hackers had penetrated other U.S. government departments as part of the attack.
The hackers targeting the Treasury Department are known as Silk Typhoon (formerly known as Hafnium), an active Chinese-backed hacker group that aims to steal information, Bloomberg reports. It is known that they are conducting large-scale hacking activities aimed at
The cyberattack on the Treasury Department is the latest in a series of incidents identified in recent months that have been linked to the Chinese-backed Typhoon hacker family. These cyberattacks include targeting the private communications of U.S. government officials and pre-planting U.S. critical infrastructure with destructive malware in case of future conflict between China and the U.S. That is included.
The Chinese government has repeatedly denied the accusations.