Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime

Report: Chinese Hackers Breached CFIUS

Cyberespionage Campaign Reached Treasury Office that Reviews Foreign Investment

Chinese hackers reportedly breached a U.S. government office responsible for reviewing foreign investments for national security threats as part of a cyberespionage campaign targeting the Department of Treasury.


The hackers gained access to the Committee on Foreign Investment in the U.S., CNN reported. CFIUS is a multi-agency panel chaired by the treasury secretary that reviews national security concerns associated with foreign investments in the U.S. economy. Treasury has acknowledged Chinese hacking, which reportedly also penetrated the Office of Foreign Assets Control, the Treasury office tasked with sanctions enforcement.

Bloomberg on Wednesday reported that the hackers behind the Treasury hacks are tracked as Silk Typhoon. The same Beijing nation-state group in 2021 used four zero-day exploits to hack on-premises versions of Microsoft Exchange Server. The United States and allies at the time called the attacks part of a pattern of "irresponsible and destabilizing behavior in cyberspace."

The Cybersecurity and Infrastructure Security Agency said Monday the Treasury breach has not extended to other federal agencies (see: CISA Investigates Chinese Hacking of Treasury Department). Hackers found their way into Treasury networks through cloud-based support services from third-party contractor BeyondTrust. All of its remote support instances "have been fully patched" against the identified vulnerabilities, and an additional patch was pushed for self-hosted instances, BeyondTrust has said.

Just days after Treasury admitted the hack, the Biden administration imposed sanctions on Beijing-based Integrity Technology Group for supporting a Chinese state hacking group tracked as Flax Typhoon (see: US Sanctions Beijing Company for Flax Typhoon Hacking).

The Treasury hacking comes amid a series of other high-profile Chinese attacks on U.S. critical infrastructure, telecommunications firms and federal networks, as experts warn Beijing is steadily preparing for future conflicts with Washington, including over a potential invasion of Taiwan.


About the Author

David Perera


Editorial Director, News, ISMG

Perera is editorial director for news at Information Security Media Group. He previously covered privacy and data security for outlets including MLex and Politico.

Chris Riotta


Managing Editor, GovInfoSecurity

Riotta is a journalist based in Washington, D.C. He earned his master's degree from the Columbia University Graduate School of Journalism, where he served as 2021 class president. His reporting has appeared in NBC News, Nextgov/FCW, Newsweek Magazine, The Independent and more.



