Chinese Hackers Target US Treasury Sanctions Office

Chinese Hackers Target U.S. Treasury Sanctions Office

Reports indicate that cyberattackers linked to the Chinese government infiltrated the U.S. Treasury Department in December, specifically targeting its sanctions office.

Targeting of OFAC

The state-sponsored actors focused on the Office of Foreign Assets Control (OFAC). This department is responsible for implementing economic and trade sanctions against both nations and individuals.

The potential motive behind this intrusion was to gain access to information regarding Chinese entities potentially facing future financial sanctions from the U.S. government.

Broader Scope of the Breach

The hacking group, originating from China, successfully compromised the U.S. Treasury by accessing employee workstations and unclassified documents.

Beyond the OFAC, the breach also extended to the Treasury Department’s Office of Financial Research and the office of the Treasury Secretary, as detailed in the report.

Discovery and Initial Response

The cyberattack, characterized by the Treasury as a “major cybersecurity incident,” was initially detected on December 8th.

BeyondTrust, a third-party provider of identity management software, alerted the agency to the security breach.

As of this time, the U.S. Treasury has not yet provided a response to inquiries from TechCrunch regarding this incident.