According to the Washington Post, Chinese government hackers compromised the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) in December, targeting intelligence related to economic sanctions, officials reported. This breach aimed to access information relevant to potential U.S. designations of Chinese entities for financial sanctions.
The intrusion involved the Treasury’s Office of Financial Research and the Office of the Treasury Secretary, as disclosed in a letter to Congress. The cyberattack, characterized as a “major incident,” was revealed on December 8 by BeyondTrust, a software contractor that reported the breach. The hackers accessed unclassified documents and employee workstations, although there is no evidence indicating that they still maintain access to Treasury systems.
Current and former officials noted that a key area of interest for the hackers would be understanding which Chinese organizations might be targeted for sanctions. The Beijing government has denied the breach, labeling the accusations as “groundless,” and asserting its opposition to hacking activities.
The breach was made possible by compromising a security key used by BeyondTrust, which enabled the hackers to bypass security protocols. Officials indicated that the ability to compromise contractor security keys is a persistent challenge; a similar vulnerability was reported last year in a hack involving the State and Commerce departments.
Treasury Assistant Secretary for Management Aditi Hardikar described the incident as significant in her letter to the Senate Banking Committee. She confirmed that the compromised documents were unclassified, and highlighted the potential intelligence value of even unclassified information regarding U.S. sanctions deliberations.
This isn’t the first time that OFAC has been targeted by Chinese hackers; a breach occurred in the early 2000s, leading to the compromise of unclassified emails. Tensions between the U.S. and China remain high, with the Biden administration actively enforcing regulations to bolster cybersecurity across critical sectors.