The US Treasury Department recently claimed that it was attacked by Chinese state-sponsored hackers. The government body also says that the threat actors had stolen unclassified documents in what it describes as a “major incident”.
In an official letter, the Treasury said that hackers “gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users. With access to the stolen key, the threat actor was able to override the service’s security, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users.”
The vendor mentioned in the statement is BeyondTrust, a third party cybersecurity service provider, from whom they gained access to a key from said provider. The attack comes amid earlier attacks by another Chinese state-sponsored hacker group that targetted three of the largest US telecommunications companies in an attack known as Salt Typhoon, earlier this year.
China has denied these allegations and any responsibility for the hack, stating that it “firmly opposes the US’ smear attacks against China without any factual basis.”
(Source: Reuters, The Guardian)
