Chinese Hackers Penetrated The US Treasury

Britain's Chancellor of the Exchequer, Rachel Reeves, will visit China this month in an attempt to improve ‘economic and financial cooperation’. It seems likely that the members of the Chinese government she meets will be very well informed, not least because of intelligence gathered by China’s prolific nation-state hackers.

Their latest high-profile exploit was revealed last week when the US Treasury disclosed that it had fallen victim to what it called a ‘major cyber security incident’.

The Treasury has blamed Chinese hackers, who successfully accessed individual employee workstations, enabling them to view documents. The Treasury also says that the documents accessed were unclassified, that the infected user computers have been disconnected and that no evidence has been found that the hackers remain in the Treasury networks.

The hackers were detected by the leading access management cyber security firm BeyondTrust, which has reported that the hackers gained access by stealing a security key, although it has not revealed how many Treasury employee computers were breached.

Chinese official sources have denied any involvement, describing the Treasury Dept charges as "baseless" and saying that China "consistently opposes all forms of hacking". Coincidentally, the alleged Treasury hacking follows allegations made by the Chinese security agency CNCERT/CC that US intelligence agencies had attacked two Chinese technology firms to steal commercially sensitive information.

This latest high-profile exploit follows the hacking of major US telecommunications firms, enabling Chinese hackers to gain access to private texts and phone conversations of prominent political and business leaders, reportedly including President-elect Trump and his incoming vice-president J.D. Vance. The attack was blamed on a Chinese group known as Salt Typhoon. 

The US and Britain have previously accused China of a long-term hacking campaign targeting politicians, journalists and businesses, blaming China’s ministry of state security, its main spy agencies and hacking affiliates. Indeed, China is thought to have invested heavily in a network of private sector contractors as it has vastly expanded its cyber capabilities. 

Amongst recent British targets are the Electoral Commission, which had access to information on tens of millions of UK voters, and a company providing payroll services to the Ministry of Defence, which may have exposed personal information about British military personnel.

The UK’s intelligence agencies have said that China is now their top priority, and Ken McCallum, Head of the MI5 domestic spy agency, has described Chinese espionage as ‘a sustained campaign on a pretty epic scale’.

Other damaging exploits have been undertaken by another Chinese hacking group known as Volt Typhoon. According to Jen Easterly, Director of the US Cybersecurity and Infrastructure Agency (CISA), this group is focused on penetrating critical infrastructure for the purpose of sabotage. Their targets include naval ports, internet service providers, communications services and utilities like water, aviation and energy. Volt Typhoon has apparently maintained long-term access to systems for years, pre-positioning destructive malware which could be activated for future acts of sabotage in times of conflict.

CISA said that while the main target was US infrastructure, the infiltration was likely to have affected America’s Five Eyes allies, Canada, Australia, New Zealand and Britain.

The timing of the Treasury Department hacking revelations could have significant geo-political consequences, as they come to light just before Donald Trump’s second Presidential inauguration and the start of a US administration which is expected to take a tougher line on relations with China. This is in contrast to Rachel Reeves’ imminent visit to China, during which she will discuss the re-opening of a Joint Economic and Trade Commission, set up in 1996 to promote trade and investment between the two countries, but suspended in 2020 after China imposed a national security law on Hong Kong.

Reeves will have had a briefing with the aim of improving ties with an increasingly hostile China. However, government officials and business leaders visiting the country are advised to take disposable 'burner phones' and throwaway laptops, as no electronic device can be considered safe once it has been exposed to ubiquitous Chinese domestic surveillance.

Forbes | Spectator | BBC | Reuters | AlJazeera | Guardian | Morning Star
