The United States Treasury Department on Monday blamed China for breaching its network and gaining access to information that included unclassified documents.
Beijing has denied the allegations, calling them “baseless”.
The alleged hacking comes weeks after Beijing accused Washington of carrying out two cyberattacks on Chinese technology firms.
Blaming Washington and Beijing for trade, we assess the history of the cyber war between the world’s two largest economies and whether it has intensified.
Who hacked the US Treasury Department?
The US Treasury Department accused Chinese state-sponsored hackers of breaking into its system this month and accessing employee workstations and unclassified documents.
The department said the hackers gained access by bypassing a security key used by third-party cybersecurity provider BeyondTrust, which provides remote technical support to Treasury employees.
The Treasury Department made these details public on Monday in a letter to the US Congress. The attack was caused by “an Advanced Advanced Threat (APT) actor based in China,” the letter said.
The department, however, did not specify the number of workstations compromised, the nature of the files, the exact time frame of the hack and the level of confidentiality of the compromised workstations.
On December 8, Treasury was notified of a retaliation by BeyondTrust. The BBC reported that BeyondTrust first suspected unusual activity on December 2, but it took three days to determine that it had been hacked.
How did the US Department of the Treasury respond?
The department said there is no evidence the hackers still have access to the department’s information, and the compromised BeyondTrust has been taken offline.
It is assessing the impact of the hack with the help of the US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI). The hack is being investigated as a “major cyber security incident”.
The department’s letter to Congress added that additional information about the attack would be sent to US lawmakers within 30 days.
“Over the past four years, Treasury has significantly strengthened its cyber defenses, and we will continue to work with private and public sector partners to protect our financial system from threat actors,” a department spokesperson said in a statement. special.
How has China responded?
China has denied the department’s accusations, and its Ministry of Foreign Affairs said Beijing condemns all forms of hacker attacks.
“We have expressed our position many times regarding such baseless allegations that have no evidence,” ministry spokesman Mao Ning was quoted as saying by AFP news agency.
A spokesman for the Chinese embassy in the US, Liu Pengyu, denied the department’s allegations. “We hope that relevant parties will take a professional and responsible attitude when characterizing cyber incidents, basing their conclusions on sufficient evidence and not on baseless speculation and accusations,” he said, according to a BBC report.
“The US must stop using cyber security to slander and defame China and stop spreading all kinds of disinformation about so-called Chinese hacking threats.”
Are the US and China Stepping Up Cyber Attacks Against Each Other?
While the US has blamed China for cyber attacks over the years, Beijing has also accused Washington of hacking its critical cyber infrastructure in recent years.
Here is a brief timeline of recent cyber attacks claimed by the two nations:
On December 18The China Computer Network Emergency Response Technical Team/China Coordination Center (CNCERT/CC) released a statement saying two US cyber attacks since May 2023 attempted to “steal trade secrets” from Chinese technology firms .
On December 5US Deputy National Security Adviser Anne Neuberger said a Chinese hacking group called Salt Typhoon had obtained the communications of senior US government officials, but classified information had not been compromised.
A month ago, on November 13The FBI and CISA said they had uncovered a vast cyberespionage campaign carried out by hackers linked to China.
The United States claimed that the hackers had compromised “private communications of a limited number of individuals”. While it did not specify who these individuals were, they were “primarily involved in government or political activity,” the FBI and CISA said.
Week before the US election in NovemberThe FBI launched an investigation after reports that Chinese hackers had targeted the cellphones of President-elect Donald Trump and Vice President-elect JD Vance, as well as people associated with Democratic presidential contender Kamala Harris.
In July 2023US tech giant Microsoft said the China-based hacker group Storm-0558 has breached the email accounts of around 25 organizations and government agencies. The breached accounts included those belonging to US State Department staff.
In MarchThe US and UK accused China of conducting a sweeping cyber espionage campaign that allegedly targeted millions of people, including lawmakers, journalists and defense contractors. Both countries imposed sanctions on a Chinese company after the incident. A month ago, US authorities said they had dismantled a Chinese-sponsored hacking network called Volt Typhoon.
In response, China called the allegations “completely fabricated and malicious slander.”
In March 2022China said it had experienced a series of cyber attacks mostly targeting US addresses. Some were also traced to the Netherlands and Germany, according to CNCERT/CC.
Why do cyber attacks start?
State-sponsored actors are regularly accused of launching cyber attacks against opponents ranging from state institutions to politicians and activists. They aim to gain unauthorized access to confidential data and trade secrets or disrupt economies and critical infrastructure.
“The US and China have had a history of using cyber defense to further their national security goals,” Rebecca Liao, co-founder and CEO at web3 protocol Saga, told Al Jazeera.
“While espionage against state actors is an accepted practice, the US has protested China’s rampant cyber attacks against US commercial entities,” said Liao, who was a member of the 2020 presidential campaign of President Joe Biden and Hillary Clinton. , advising on China, technology and Asian economic policy.
“It is clearly not diplomatically wise to build a history of using espionage. That is why Beijing has been so quick to deny all the allegations.”
With the development of digital technology, cyber attacks are on the rise worldwide, according to the German Institute for International and Security Affairs (SWP). Data from the SWP shows that cyber attacks increased from 107 in 2014 to 723 in 2023.
Cyber attacks are also carried out by individuals or organized groups who want to steal data and money.
How can countries protect themselves from cyber attacks?
The US and China “should spearhead a treaty on the responsible use of cyberspace,” wrote researchers Asimiyu Olayinka Adenuga and Temitope Emmanuel Abiodun of the Department of Political Science at Nigeria’s Tai Solarin University in an article published this year.
They cited the example of the treaties signed between the U.S. and the Soviet Union as a result of the Strategic Arms Limitation Talks, SALT I and SALT II, in 1972 and 1979. The two Cold War superpowers signed treaties to establish stability U.S. -Soviet by limiting their production of nuclear weapons.
In their article, the Tai Solarin researchers added that there is a need for further technological development, particularly in quantum computing, that will make it more difficult to execute cyberattacks.
Victor Atkins, an Indo-Pacific fellow at the US Atlantic Council’s Security Initiative, wrote in a February article that the US “must launch a new multilateral Indo-Pacific cyber threat intelligence sharing coalition.” to combat cyber attacks from China.
“A decade ago, there were some suggestions of convening an international cybersecurity body to come up with standards or codes of conduct that participating nations would adhere to,” said Liao, the technology expert.
“However, none of these efforts have borne fruit and it is up to each individual country to defend against cyber attacks.”
Governments are currently working on developing cyber security infrastructure such as firewalls to protect themselves from cyber attacks such as hacking.
An article published by the University of Miami added that countries use other practices to combat cyber threats. These include testing these cyber threats in a simulated environment. “Cyber teams constantly undergo military-style training exercises,” the article states.
