Chinese hackers have reportedly broken into a key US Treasury office tasked with reviewing foreign investments and transactions that could threaten US national security.
CNN reportsciting U.S. officials familiar with the incident, that Chinese hackers targeted the Committee on Foreign Investment in the United States, or CFIUS, which can approve or reject deals that present national security risks, such as corporate mergers and acquisitions or deals involving sensitive matters. United States information.
Treasury officials confirmed to britcommerce last week that they were investigating a “major cybersecurity incident” following a breach at one of their security providers, BeyondTrust. The Treasury said the hackers broke in using a stolen BeyondTrust key to remotely access employee workstations and documents on the department’s unclassified network. It was later revealed that the Chinese hackers had also breached the international financial sanctions department’s office, the Office of Foreign Assets Control, or OFAC.
The US cybersecurity agency CISA said this week that there was no indication that hackers had broken into any other US government departments as part of the campaign.
Bloomberg reports that the hackers targeting the Treasury are known as Silk Typhoon (previously called “Hafnium”), an active Chinese-backed hacking group known for carrying out massive hacking operations aimed at stealing information.
The Treasury cyberattack is the latest in a series of incidents identified in recent months and linked to the China-backed “Typhoon” hacking family. These cyberattacks have included targeting private communications of US government officials and prepositioning destructive malware on critical US infrastructure to attack in the event of a future conflict between China and the United States.
The Chinese government has repeatedly denied the allegations.