More alleged Chinese intrusions into the US Treasury Department came to light
- The US Treasury Department has revealed that its foreign investment office was hit by a recent cyber attack
- The agency assesses national security risks to investments
- Breach of a third-party vendor led to access to U.S. Treasury systems
The US department that assesses foreign investments for national security risks has been revealed as a further victim of the cyber attack that targeted the US Treasury Department earlier this month.
The attack was declared a ‘major incident’ after a third-party cybersecurity service provider was compromised, giving a threat actor remote access to key Treasury systems.
The Committee on Foreign Investment in the US (CFIUS) suffered a data breach during the campaign, CNN has reported revealed. The department assesses foreign investments for national security risks and was recently given the authority to closely monitor real estate sales near US military bases, with the ability to block Chinese investments in the US.
Carefully chosen goals
The news is the latest in a series of developments following the US Treasury Department hack, in which hackers were able to gain access used by the hacked vendor to overwrite parts of the Treasury Department’s systems.
The attack has raised serious concerns among US officials, who are reportedly increasingly worried that the Chinese government or allies are planning to use land purchases to spy on US bases.
In the broader context of the attack on the US Treasury, other targets appear to have been chosen with Sino-US relations in mind. For example, the U.S. Sanctions Agency was targeted, which last week imposed a sanction on a Chinese company for its alleged role in cyberattacks.
The cyber espionage campaigns launched against US and Western targets in recent months aim not only to steal information and gain access to sensitive data, but also to disrupt critical infrastructure.
In a separate recent attack, the Chinese group Salt Typhoon is said to have breached nine major telecommunications companies in a massive campaign against US critical infrastructure. Victims included Verizon, AT&T and Lumen Technologies, with threat actors lurking in their networks for months.