China responded on Tuesday to statements by the US Treasury claiming that a Chinese cyberattack made it possible to bypass its IT security and steal documents, calling these accusations “unfounded”, in a context of Western distrust towards hacks of Chinese origin .
The US Treasury Department indicated in a letter sent to the US Congress and consulted by AFP that a computer attack carried out earlier in December allowed access to some of its workstations. A hacker managed to gain access to a key used by a service provider and was able to remotely access workstations and some unclassified documents, according to the document.
China has denied the accusations, saying Beijing “has always been opposed to any form of hacker attacks” but “is even more opposed to the dissemination of false information against China for political purposes.” “. “We have repeatedly expressed our position regarding such baseless accusations that have no evidence,” Mao Ning, a Chinese Foreign Ministry spokeswoman, said Tuesday at a regular news conference in Beijing. .
In the United States, the Treasury Department contacted the US Cybersecurity Agency after being alerted to the situation by its supplier BeyondTrust, and worked with law enforcement to assess the impact. “The compromised BeyondTrust service was taken offline and there is no evidence to indicate that the intruder maintained access to Treasury systems or information,” the department spokesperson said.
In its letter to Senate Banking Committee leadership, Treasury attributed the attack to “a Chinese state-backed APT actor.” APT (Advanced Persistent Threat) technique, an intruder establishes and maintains unauthorized access to a target by remaining undetected for a certain period of time. The department did not provide further details on what was affected by the intrusion, but promised to release a report soon.
Several countries, notably the United States, have expressed concern in recent years about hacking activities supported by the Chinese government, targeting their administrations, the military and businesses. China rejects these accusations and says it fights against all forms of cyberattacks.
In September, the US Department of Justice announced that it had neutralized a network of cyberattacks affecting 200,000 devices worldwide, saying it was led by hackers backed by the Chinese government. In February, US authorities also said they had dismantled a hacker network known as “Volt Typhoon”. This group was supposed to target key public infrastructure at the request of China.
In 2023, tech giant Microsoft reported that China-based hackers had penetrated the email accounts of several US government agencies. The accounts of the State Department and Commerce Secretary Gina Raimondo were among those hacked.
