In a significant response to recent allegations, China has firmly rejected claims that a state-sponsored Chinese actor was behind a cyber breach at the US Treasury Department, calling the accusations “groundless.” The incident reportedly allowed unauthorized access to certain Treasury workstations, as outlined in a letter to Congress obtained by AFP.
According to the Treasury, the breach occurred earlier this month when hackers compromised a third-party cybersecurity service provider, granting them remote access to workstations and some unclassified documents. In response, the Treasury contacted the US Cybersecurity and Infrastructure Security Agency and is collaborating with law enforcement to assess the impact of the breach.
Foreign ministry spokeswoman Mao Ning emphasized that China opposes all forms of hacking and criticized the dissemination of false information for political purposes. “We have stated our position many times regarding such groundless accusations that lack evidence,” she stated.
In its statement to the Senate Banking Committee, the Treasury attributed the cyber incident to a Chinese state-sponsored Advanced Persistent Threat (APT) actor. An APT refers to a sophisticated cyberattack where intruders maintain unauthorized access to a target’s network for extended periods, often remaining undetected.
While the Treasury did not disclose specific details about the breach’s impact, they assured that the compromised BeyondTrust service has been taken offline and that there is no evidence of ongoing access to Treasury systems or information.
“Treasury takes very seriously all threats against our systems and the data it holds,” a department spokesperson stated. Further details regarding the incident are expected to be shared in a supplemental report at a later date.
The allegations come amid rising global concern over Chinese-government-backed hacking activities targeting various sectors, including governments, militaries, and businesses. The United States has been particularly vocal about these threats, citing multiple instances of cyberattacks linked to Chinese state-sponsored groups.
In September, the US Justice Department announced it had neutralized a cyber-attack network affecting 200,000 devices worldwide, which was said to be operated by hackers connected to the Chinese government. Earlier, in February, US authorities dismantled a network of hackers known as “Volt Typhoon,” which targeted critical public infrastructure, including water treatment facilities and transportation systems.
In 2023, Microsoft reported that Chinese-based hackers breached the email accounts of several US government agencies, including the State Department and the office of Commerce Secretary Gina Raimondo, through a group identified as Storm-0558.
As the situation develops, both the US and China continue to navigate the complex landscape of cyber threats and international relations, with cybersecurity remaining a focal point of concern for governments worldwide.
