China Targeted Foreign Investment, Sanctions Offices in Treasury Hack: Reports

Chinese cyberspies targeted several offices, including ones dealing with foreign investments and sanctions, in the recent cyberattack aimed at the US Treasury Department, according to news reports.

Little technical information has been made public regarding the Treasury hack while authorities are investigating the full extent of the breach.

It was revealed in late December 2024 that hackers believed to be operating on behalf of the Chinese government accessed US Treasury systems in what was described as a major cybersecurity incident.

It’s unclear how many systems and what types of documents were compromised, but the US government said the attackers managed to gain access to unclassified information after accessing Treasury workstations.

Initial access was apparently gained by the hackers using a compromised API key for a remote management service from BeyondTrust, which confirmed that a key for a remote support product had been compromised and that a limited number of ...