Beijing on Tuesday rejected accusations that a Chinese state-sponsored actor was behind a cyberattack on the US Treasury Department, calling the claims “groundless.”
The US Treasury Department confirmed the breach, revealing that some of its workstations were accessed in an attack that involved compromising a third-party cybersecurity provider. The incident, which took place earlier this month, allowed the attacker to remotely access the workstations and some unclassified documents.
China’s foreign ministry denied the allegations, reiterating that Beijing opposes all forms of cyberattacks and condemns the spread of false information for political purposes. Spokeswoman Mao Ning said, “We have repeatedly stated our position regarding such unfounded accusations without evidence.”
The Treasury Department contacted the US Cybersecurity and Infrastructure Security Agency after being alerted by its service provider, BeyondTrust. Authorities have been working with law enforcement to assess the impact of the breach. The compromised service has been taken offline, and no further unauthorized access to Treasury systems or information has been found.
The Treasury attributed the incident to a Chinese state-sponsored Advanced Persistent Threat (APT) actor, which refers to a prolonged, unauthorized intrusion into a system. However, the department did not provide further details on what was affected and said more information would be shared later.
Several countries, including the United States, have raised concerns about Chinese-backed cyberattacks targeting governments, militaries, and businesses. Beijing has consistently denied these accusations, stating it opposes cyberattacks and takes action against such activities.
In recent years, the US Justice Department has dismantled Chinese-backed hacking networks, including one in September that impacted 200,000 devices globally. In February, US officials also dismantled “Volt Typhoon,” a hacker group allegedly targeting critical infrastructure in the US. Additionally, Chinese hackers breached US government email accounts in 2023, including those of the State Department and Commerce Secretary Gina Raimondo.
