TLDR:
• China hacks U.S. Treasury systems
• Salt Typhoon exploits telecoms vulnerabilities
• Treasury plans cybersecurity collaboration
WASHINGTON (The Thursday Times) — The U.S. Treasury Department revealed that a state-sponsored actor in China hacked its systems, gaining access to unclassified documents and government employee workstations. This breach, considered a major cybersecurity incident, underscores escalating threats to critical U.S. infrastructure.
Treasury’s cybersecurity breach raises alarms
The Treasury Department’s disclosure follows the discovery of a security flaw exploited by Chinese hackers. The attack was attributed to an Advanced Persistent Threat (APT) actor backed by the Chinese state, according to a letter from Treasury officials to lawmakers. The breach was initially flagged by BeyondTrust, a third-party cybersecurity firm, which reported that a security key was compromised, granting remote access to certain Treasury workstations.
While the affected systems have since been taken offline and investigators have determined that the hackers no longer have access, the breach underscores critical vulnerabilities in federal cybersecurity protocols. Treasury officials emphasised their commitment to safeguarding systems and data, vowing to work closely with federal agencies and private sector experts to prevent future incidents.
Salt Typhoon exposes U.S. telecoms weaknesses
The Treasury hack is only part of a larger cybersecurity crisis involving state-sponsored actors from China. Recent revelations about a separate group, nicknamed Salt Typhoon, have highlighted how deeply Chinese hackers have penetrated U.S. telecommunications networks. This group, allegedly linked to China’s Ministry of State Security, gained access to sensitive conversations and data, including phone communications involving former President Donald J. Trump and other American officials.
Salt Typhoon also managed to retrieve a list of phone numbers wiretapped by the Justice Department, offering Beijing unprecedented insight into U.S. espionage operations. The breach has raised concerns about national security and the resilience of America’s telecommunications systems, prompting the Commerce Department to ban remaining operations of China Telecom in the United States.
U.S – China cybersecurity dialogue questioned
Despite the escalating cyber conflict, the U.S. and China have maintained dialogue on cybersecurity. Earlier this month, Treasury Department officials visited Beijing for economic and financial discussions, which included cybersecurity collaboration. However, the timing of the Treasury breach has cast doubt on the effectiveness of these efforts.
Chinese officials continue to deny involvement in state-sponsored hacking, positioning themselves as willing collaborators in addressing cybercrime. Yet the scale and sophistication of recent attacks, including Salt Typhoon’s infiltration of U.S. networks, suggest a strategic effort by Beijing to exploit American weaknesses.
As the Treasury Department prepares to release further details in a forthcoming congressional report, pressure mounts on the Biden administration to enhance federal cybersecurity measures and address vulnerabilities exposed by these breaches.