Chinese hackers target US Treasury computers used for sanctions — Committee on Foreign Investment specifically targeted
No secret information was stolen.
Chinese hackers have gained access to a system that belongs to the Committee on Foreign Investment in the U.S. (CFIUS), a government organization that reviews significant purchases by foreigners in the country, reports CNN. The system was unclassified and should not contain any secrets, but the revelation that a Chinese group gained access is worrisome.
CFIUS reviews foreign investments for national security risks and gained expanded authority in December to oversee real estate deals near military bases. The breach involved exploiting a third-party service provider to gain remote access to Treasury user workstations and unclassified files. While no classified information was accessed, officials are worried that unclassified data could be pieced together to produce valuable intelligence.
A U.S. Treasury representative confirmed collaboration with law enforcement and insisted there was no evidence of continued access by the hackers. U.S. officials are reportedly assessing potential risks and are reviewing documents obtained during the breach. As noted above, while the exact information stolen remains unclear, there are obvious concerns over espionage risks related to Chinese land purchases near critical military sites.
The report says that the U.S. Treasury's sanctions office was also compromised, ironically, shortly after the office imposed sanctions on a Chinese company for alleged cyberattacks.
The hackers infiltrated U.S. Treasury systems as part of a broader campaign as similar incidents happened over the past year, according to the report. Treasury Secretary Janet Yellen addressed the issue with her Chinese counterpart, emphasizing the negative impact on mutual relations. However, the Chinese Embassy denied involvement and said that accusations of cyberattacks from China lack evidence.
CFIUS is perhaps not widely known in the U.S. as it primarily deals with foreign entities. One of the biggest deals CFIUS banned was Tsinghua Unigroup's attempt to acquire Micron Technology to gain DRAM production know-how and eventually produce memory in China. Given tensions between the U.S. and China in recent years, CFIUS was given more authority than it used to have a decade ago. For obvious reasons, it is now a target for various hacking groups.
Stay On the Cutting Edge: Get the Tom's Hardware Newsletter
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
Anton Shilov is a contributing writer at Tom’s Hardware. Over the past couple of decades, he has covered everything from CPUs and GPUs to supercomputers and from modern process technologies and latest fab tools to high-tech industry trends.
-
newtechldtech I dont understand why Government computers dont have their own internet separated from public ones. and I mean REAL separate one , all the infrastructure cables ... they can wire them along the normal internet cables underground/sea what ever.Reply -
cerata
1. That might have made working from home during pandemic lockdowns a little bit harder.newtechldtech said:I dont understand why Government computers dont have their own internet separated from public ones. and I mean REAL separate one , all the infrastructure cables ... they can wire them along the normal internet cables underground/sea what ever.
2. At *some* point, most government systems need to be publicly accessible. I don't know how the process works, but presumably foreign investors need to submit applications/supporting documentation to the CFIUS online. You *could* still have an airgapped private network, where employees retype pertinent information from the public-facing computers to the private ones. But that would cost a lot of extra person-hours (when politicians are always bellyaching about government spending) and introduce human error. Even then, if foreign investors have to divulge sensitive information to the public-facing computers, those will still be an attractive target for hackers, even if they can't get at the private network. -
beyondlogic Admin said:Chinese hackers gained access to an unclassified CFIUS system.
Chinese hackers target US Treasury computers used for sanctions — Committee on Foreign Investment specifically targeted : Read more
you know its bad when hackers are getting involved lol.