Chinese Hackers Penetrated The US Treasury

Uploaded on 2025-01-01 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-China, GOVERNMENT-National, FREE TO VIEW

Britain's Chancellor of the Exchequer, Rachel Reeves, will visit China this month in an attempt to improve ‘economic and financial cooperation’. It seems likely that the members of the Chinese government she will be very well informed, not least because of intelligence gathered by China’s prolific nation-state hackers.

Their latest high profile exploit was revealed last week when the US Treasury disclosed that it had fallen victim of what it called a ‘major cyber security incident’.

The Treasury has blamed  Chinese hackers, who successfully accessed individual employee work-station, enabling them to view documents. They also say that the documents accessed were unclassified, the infected user computers disconnected and no evidence found that the hacker remain the Treasury networks.

The hackers were detected by leading access management cyber security firm, BeyondTrust,  who have reported that the hackers gained access by stealing a security key, although they have not revealed how many Treasury employee computers were  were breached.

China official sources have denied any involvement, describing the Treasury Dept chargers  "baseless" and saying it "consistently opposes all forms of hacking". Coincidentally, the alleged Treasury hacking follows allegations made by the Chinese security agency CNCERT/ CC that US intelligence agencies had attacked two  Chinese technology firms to steal commercial sensitive information.

This latest high-profile exploit follows the hacking of major US telecommunications firms, enabling Chinese hackers to gain access to private texts and phone conversations of prominent political and business leaders, reportedly including President-elect Trump and his incoming vice-president J.D. Vance. The attack was blamed on a Chinese group known as Salt Typhoon. 

The US and Britain have previously accused China of a long-term hacking campaign targeting politicians, journalists and businesses, blaming China’s ministry of state security, its main spy agencies and hacking affiliates. Indeed, China is thought to have invested heavily in a network of private sector contractors as it has vastly expanded its cyber capabilities. 

Amongst recent British targets are the Electoral Commission, which had access to information on tens of millions of UK voters, and a company providing pay-roll services to the Ministry of Defence, which may have exposed personal information about British military personnel. 

The UK’s intelligence agencies have said that China is now their top priority,and Ken McCallum, Head of the MI5 domestic spy agency has describing Chinese espionage as ‘a sustained campaign on a pretty epic scale’.

Other damaging exploits undertaken by another Chinese hacking group known as Volt Typhoon. According  to Jen Easterly, Director of the US Cybersecurity and Infrastructure Agency (CISA). This group is focused on penetrating critical infrastructure for the purpose of sabotage. Their targets include naval ports, internet service providers, communications services and utilities like water, aviation and energy. Volt Typhoon has apparently maintained long-term access to systems for years, pre-positioning destructive malware which could be activated for future acts of sabotage in times of conflict. 

CISA said that while the main target was US infrastructure, the infiltration was likely to have affected America’s Five Eyes, Canada, Australia, New Zealand and the Britain. 

The timing of the Treasury Department hacking revelations could have significant geo-political consequences as as they come come to light just before Donald Trump’s second Presidential inauguration, and the start of a US  administration which is expected to take a tougher line on relations with China. This is in contrast to Rachek Reeves’ imminent visit to China, during which she will discuss the re-opening of a Joint Economic and Trade Commission, set up in 1996 to promote trade and investment between the two countries, but suspended in 2020 after China imposed a national security law on Hong Kong. 

Reeves will have had a briefing with the aim to improve ties with an increasingly hostile China, however,  government officials and business leaders visiting the country are advised to take disposable 'burner phones' and throwaway laptops, as no electronic device can be considered safe once it has been exposed to ubiquitous Chinese domestic surveillance.  

Forbes   |    Spectator   |    BBC   |   Reuters   |   AlJazeera   |    Guardian  |   Morning Star  |   

Image: Ideogram

You Might Also Read: 

FBI & CISA Advice - Use Encrypted Messaging:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Volkswagen Suffers A Massive Data Breach
How Small & Medium Businesses Can Safeguard Their Critical Assets Against Evolving Cyber Threats »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Imperva

Imperva

Imperva is a leading provider of data and application security solutions including DDoS protection, Web application security, Data security and Cloud security.

K7 Computing

K7 Computing

K7 provides antivirus and internet security products for business and home users.

Cymulate

Cymulate

Cymulate is a SaaS-based breach and attack simulation platform that makes it simple to know and optimize your security posture any time, all the time.

SolutionsPT

SolutionsPT

SolutionsPT enables customers to strengthen their Operational Technology (OT) network to meet the ever increasing demand for performance, availability, connectivity and security.

Auxilium Cyber Security

Auxilium Cyber Security

Auxilium Cyber Security is independent information security consultancy company providing cyber security services tailored to meet the evolving needs of organizations worldwide.

Cybint Solutions

Cybint Solutions

Cybint provides customized cyber education and training solutions for Higher Education, Companies and Government.

Recruit.net

Recruit.net

Recruit.net allows job seekers to instantly find millions of jobs from thousands of web sites with a single search.

Council of Europe Convention on Cybercrime

Council of Europe Convention on Cybercrime

The Council of Europe helps to protect societies worldwide from the threat of cybercrime through the Convention on Cybercrime.

TES

TES

TES is a provider of IT Lifecycle Services, offering bespoke solutions that help customers manage the commissioning, deployment and retirement of Information Technology assets.

RISE

RISE

RISE is an independent, State-owned research institute, which offers unique expertise and over 100 testbeds and demonstration environments for future-proof technologies, products and services.

Secure-IC

Secure-IC

Secure-IC provide end-to-end, best-of-breed security expertise, solutions, and hardware & software technologies, for embedded systems and connected objects.

White Bullet

White Bullet

White Bullet’s risk profiling AI detects, dynamically scores and flags unsafe domains, apps and advertising.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Emtec

Emtec

Emtec’s cyber security team provides advisory, assessment, & managed security services that help you build the cyber security policies, toolsets & best practices to elevate your cyber security posture

OSC Edge

OSC Edge

OSC was founded with the vision of providing expert solutions in IT to government and businesses. OSC Edge empowers organizations with solutions that prepare them for today and tomorrow.

Skylark

Skylark

Skylark is a leading global IT services provider, transforming client’s businesses through innovative and advanced technology solutions.