US Treasury Hacked: Are China and the US Stepping Up Their Cyber ​​War? | Cybercrime news

The United States Treasury Department on Monday blamed China for breaching its network and gaining access to information that included unclassified documents.

Beijing has rejected the accusations, calling them “baseless”.

The alleged hacking comes weeks after Beijing accused Washington of carrying out two cyber attacks on Chinese technology companies.

With trade guilt between Washington and Beijing, we assess the history of cyberwarfare between the world’s two largest economies and whether it has intensified.

Who Hacked the US Treasury Department?

The US Treasury Department accused state-sponsored Chinese hackers of breaking into its system this month and accessing employee workstations and unclassified documents.

The department said the hackers gained access by overriding a security key used by third-party cybersecurity provider BeyondTrust, which provides remote technical support to Treasury Department employees.

The Treasury Department announced the details in a letter to the US Congress on Monday. The attack was caused by an “Advanced Persistent Threat (APT) actor based in China,” the letter said.

The department, however, did not specify the number of compromised workstations, the nature of the files, the exact time frame of the hacking and the level of confidentiality of the compromised workstations.

On December 8, the Ministry of Finance was alerted to the hack by BeyondTrust. The BBC reported that BeyondTrust first suspected unusual activity on December 2, but it took three days to determine that it had been hacked.

How did the US Department of Finance react?

The department said there was no evidence the hackers still had access to the department’s information and that the compromised BeyondTrust had been removed from the network.

It assesses the impact of hacking with the help of the US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI). The hack is being investigated as a “major cyber security incident”.

The Department’s letter to Congress added that additional information about the attack would be sent to US lawmakers in 30 days.

“Over the past four years, the Treasury Department has significantly strengthened its cyber defenses, and we will continue to work with private and public sector partners to protect our financial system from threats,” a department spokesman said in a separate statement.

How did China respond?

China rejected the ministry’s accusations, and its Foreign Ministry said Beijing condemned all forms of hacking.

“We have expressed our position many times regarding such baseless accusations without evidence,” ministry spokesman Mao Ning was quoted as saying by the AFP news agency.

A spokesman for the Chinese embassy in the US, Liu Pengyu, rejected the department’s allegations. “We hope that relevant parties will take a professional and responsible attitude when characterizing cyber incidents, basing their conclusions on sufficient evidence and not on baseless speculation and accusations,” he said, according to a BBC report.

“The US needs to stop using cybersecurity to smear and slander China and stop spreading all kinds of misinformation about so-called Chinese hacking threats.”

Are the US and China Stepping Up Cyber ​​Attacks on Each Other?

While the US has blamed China for cyber attacks over the years, Beijing has also accused Washington of hacking its critical cyber infrastructure in recent years.

Here’s a quick timeline of recent cyberattacks claimed by two countries:

On December 18China’s National Computer Network Emergency Response Technical Team/China Coordination Center (CNCERT/CC) released a statement saying two US cyber attacks since May 2023 attempted to “steal trade secrets” from Chinese technology companies.

On December 5US Deputy National Security Adviser Anne Neuberger said the Chinese hacking group called A salty typhoon received communications from senior US government officials, but classified information was not compromised.

A month earlier, November 13The FBI and CISA said they discovered the woman cyberespionage campaign carried out by hackers linked to China.

The US claimed that the hackers compromised “the private communications of a limited number of individuals”. While it was not specified who the individuals were, they were “primarily involved in government or political activities,” the FBI and CISA said.

Weeks before the US election in NovemberFBI launched an investigation following reports that alleged Chinese hackers targeted the president-elect’s cellphones Donald Trump and vice president-elect JD Vance as well as people associated with Kamala Harris, the Democratic presidential candidate in the race.

In July 2023US tech giant Microsoft said the China-based hacking group Storm-0558 had broken into the email accounts of around 25 organizations and government agencies. Accounts breached included those belonging to US State Department personnel.

In MarchThe US and the UK have accused China of waging a massive cyberespionage campaign that has reportedly affected millions of people, including lawmakers, journalists and defense contractors. The two countries imposed sanctions on the Chinese company after the incident. A month earlier, US authorities said they had busted a hacking network called China Volt typhoon.

In response, China called the accusations “completely fabricated and malicious slander.”

In March 2022China said it had experienced a series of cyberattacks that mostly reached American addresses. Some have also been found in the Netherlands and Germany, according to CNCERT/CC.

Why are cyber attacks launched?

State-sponsored actors are regularly accused of launching cyberattacks against opponents ranging from state institutions to politicians and activists. Their goal is to gain unauthorized access to confidential data and business secrets or to disrupt economies and critical infrastructure.

“The US and China have a history of using cyber defense to advance their national security goals,” Rebecca Liao, CEO of tech protocol Saga, told Al Jazeera.

“While espionage against state actors is an accepted practice, the US has protested China’s rampant cyber attacks on US commercial entities,” said Liao, who was a member of President Joe Biden’s 2020 presidential campaign, advising on China, technology and Asian economic policy.

“Obviously it is not diplomatically wise to create a record of resorting to espionage. That’s why Beijing was so quick to reject all the accusations.”

With the development of digital technology, cyber attacks are on the rise worldwide, according to the German Institute for International and Security Affairs (SWP). Data from the SWP shows that cyber attacks have increased from 107 in 2014 to 723 in 2023.

Cyber ​​attacks are also carried out by individuals or organized groups who want to steal data and money.

How can countries protect themselves from cyber attacks?

The US and China “should spearhead an agreement on the responsible use of cyberspace,” researchers Asimiyu Olayinka Adenuga and Temitope Emmanuel Abiodun of the Department of Political Science at Nigeria’s Tai Solarin University wrote in an article published this year.

They cited the example of the treaties signed between the US and the Soviet Union as a result of the Strategic Arms Limitation Negotiations, SALT I and SALT II, ​​in 1972. and in 1979 the two Cold War superpowers signed agreements to establish US-Soviet stability by limiting their production of nuclear weapons.

In their article, Tai Solarino researchers added that there is a need for further technological development, especially in quantum computing, which will make it more difficult to carry out cyberattacks.

Victor Atkins, a fellow at the Atlantic Council’s Indo-Pacific Security Initiative, wrote in an article in February that the US “should launch a new expansive multilateral cyber threat intelligence sharing coalition in the Indo-Pacific” to counter cyberattacks from China. .

“Ten years ago, there were some proposals about convening an international cybersecurity body to come up with standards or codes of conduct for participating countries to adhere to,” said Liao, the technical expert.

“However, none of these efforts have borne fruit, and it is up to each individual country to protect itself against cyberattacks.”

Governments are currently working to develop cyber security infrastructure such as firewalls to protect themselves from cyber attacks such as hacking.

The article, published by the University of Miami, added that countries are using other practices to combat cyber threats. This involves testing these cyber threats in a simulated environment. “Cyber ​​​​teams constantly undergo training exercises, similar to military ones,” the article states.