China has denied allegations regarding the recently disclosed US Treasury Department cyber breach. Initially reported in early December, the breach targeted the Treasury’s systems by exploiting a third-party cybersecurity service provider, BeyondTrust.
In a letter to the Senate Banking Committee, the Treasury confirmed that the attackers had gained remote access to multiple workstations and unclassified documents. The department described the incident as the work of an Advanced Persistent Threat (APT) actor, a sophisticated cyber technique allowing intruders to remain undetected for extended periods of time.
A Treasury spokesperson reassured the public that the compromised service had been taken offline, with no evidence indicating that the threat actor has sustained access to the information and their systems. The department also emphasized its commitment to protecting its systems and data, noting ongoing collaboration with law enforcement and the US Cybersecurity and Infrastructure Security Agency (CISA) to assess the attack’s impact.
China swiftly denied the accusations, with Foreign Ministry spokesperson Mao Ning labeling them as “groundless” during a press conference on Tuesday. “Beijing has always opposed all forms of hacker attacks and is even more opposed to the spread of false information against China for political purposes,” she stated.
This is not the first time Beijing has faced accusations of state-sponsored cyber activity. In 2023, Microsoft revealed that a Chinese hacking group, Storm-0558, had breached the email accounts of 25 US government agencies, including the State Department and Commerce Secretary Gina Raimondo. Similarly, earlier this year, US authorities dismantled a hacker network, dubbed “Volt Typhoon,” that allegedly targeted critical infrastructure such as water treatment plants and transportation systems.
In September, the US Justice Department announced the neutralization of another Chinese-linked cyber network affecting 200,000 devices globally.
However, Beijing consistently counters such claims, asserting that it opposes cyberattacks of any kind. However, Western nations, particularly the US, remain alarmed at what they describe as an ongoing and aggressive Chinese cyber strategy targeting governments, militaries, and private businesses.
The Treasury Department has pledged to provide additional details in a forthcoming report. Meanwhile, tensions between the US and China continue to simmer as the global stakes in cybersecurity grow ever higher.