China Denies Role in Cyberattack on US Treasury, Calls Allegations “Groundless”

Beijing has firmly rejected accusations that a Chinese state-sponsored actor was behind a recent cyber breach targeting the US Treasury Department, calling the claims “groundless” and politically motivated.

The Treasury Department confirmed the breach on Tuesday, revealing in a letter to Congress that the attack occurred earlier this month. The cybercriminals accessed some of the department’s workstations through a third-party cybersecurity service provider. The Treasury stated that this allowed the attackers to remotely access unclassified documents and systems.

The incident has been attributed to a China-based Advanced Persistent Threat (APT) actor, a type of cyberattack where intruders establish long-term, undetected access to a target system. Despite these claims, China’s Foreign Ministry has dismissed the accusations, stressing that Beijing “has always opposed all forms of hacker attacks” and condemning the spread of “false information” for political purposes.

“We have repeatedly stated our position on such groundless accusations that lack any supporting evidence,” said Foreign Ministry spokeswoman Mao Ning.

The Treasury Department, after being alerted by its third-party provider, BeyondTrust, promptly contacted the US Cybersecurity and Infrastructure Security Agency (CISA) and has been collaborating with law enforcement to assess the full impact of the breach. The compromised BeyondTrust service has since been taken offline, with officials stating there is no evidence the attackers maintained ongoing access to Treasury systems or sensitive information.

Also Read: China Condemns U.S. Military Support for Taiwan Amid Escalating Tensions

A Treasury spokesperson emphasized, “Treasury takes very seriously all threats against our systems and the data it holds,” adding that further details would be provided in an upcoming report.

See Also

MTN Group proposes full acquisition of IHS Towers in $2.2 billion deal

This breach is the latest in a series of high-profile cyberattacks that have raised alarms about China’s growing role in cyber espionage. In recent years, multiple nations, particularly the US, have accused Beijing of backing hacking groups targeting government, military, and business sectors.

In September, the US Justice Department revealed it had dismantled a cyberattack network run by China-backed hackers that affected 200,000 devices globally. Earlier this year, US authorities exposed a hacking group called “Volt Typhoon,” which was reportedly targeting critical infrastructure like water plants and transportation systems. In 2023, tech giant Microsoft revealed that Chinese hackers, known as Storm-0558, breached the email accounts of several US government agencies, including the State Department and the office of Commerce Secretary Gina Raimondo.