The US Treasury Department confirmed earlier this week that Chinese hackers had breached the department and stolen documents. On Wednesday (January 1st), US officials further disclosed to the media that the Chinese hackers had infiltrated the office within the Treasury Department responsible for managing economic sanctions and identified other targets of the attacks.
The Washington Post quoted unnamed US officials as saying that the hackers breached the Office of Foreign Assets Control (OFAC) and the Office of Financial Research (OFR) within the Treasury Department, as well as targeting Treasury Secretary Janet Yellen’s office.
The Office of Foreign Assets Control is considered a highly sensitive agency and one of the most powerful tools for the US to achieve national security goals.
US officials believe that what the Chinese government hackers were most interested in obtaining was the list of Chinese entities under consideration for financial sanctions.
In a letter to members of Congress on Monday, the US Treasury Department revealed that in a “significant incident,” the Chinese hackers successfully stole government documents. At that time, the Department did not specify which units were affected.
The letter pointed out that the Chinese hackers breached a third-party cybersecurity service provider of the Treasury Department, enabling them to remotely access the department’s workstations and some non-sensitive documents.
The Treasury Department stated at the time that there was no evidence indicating the hackers still had access to the Treasury Department systems.
This incident occurred as the US government was responding to another major cyber espionage campaign launched by Chinese authorities.
An organization named “Salt Typhoon” infiltrated nine US telecommunications companies, an event that some US lawmakers considered to be the “most serious telecommunication hack attack in US history.”
This incident has shocked both the industry and the government, and the Federal Communications Commission is considering regulatory proposals put forth by Chairperson Jessica Rosenworcel, which are expected to be voted on this month.
The Biden administration has utilized executive authority to establish cybersecurity standards for critical sectors such as pipelines, railways, and aviation. US officials stated that these regulations have increased compliance within these industries, adding that they believe stricter compliance will enhance the defense of networks and infrastructure against cyber attacks.
This string of intrusion incidents targeting US companies and institutions may escalate tensions between the US and China.
Incoming President Trump will return to the White House on January 20th. He has previously stated his intention to impose even stricter tariffs on Chinese goods than during his first term.
While Trump has expressed willingness for the US and China to cooperate on solving international issues, his selection of nominees indicates that many hawks will hold key positions in the government or advise Trump. These hawks have expressed their desire to exert pressure on China in areas such as human rights, trade, intellectual property theft, and espionage allegations.
Analysts believe that the Chinese government’s intrusion into US government agencies may bolster the voices of the hawks.
Current and former officials told The Washington Post that even non-sensitive documents could be highly valuable to a competitor like China.
In particular, the breach of OFAC could lead to the exposure of sensitive information related to government sanctions deliberations. Before designating a target, OFAC compiles an “administrative record” detailing how the evidence collected aligns with various regulations or regulatory standards.
Even non-sensitive records could provide enough information for adversaries to understand how the US formulates sanctions against foreign targets and potentially identify the targets in question.
David Laufman, who previously oversaw sanctions enforcement at the National Security Division of the US Department of Justice, told The Washington Post, “Even obtaining non-sensitive information within OFAC’s purview would be valuable to Beijing because that information is used to make the case for sanctions against organizations and individuals.”
For decades, the Chinese government has been stealing US government intelligence and confidential corporate information to strengthen its position in global economic, technological, and security competition. This latest incident is just one in a series of intrusions.
Officials also warned that recently, Chinese authorities have been attempting to gain access to critical infrastructure systems across the US. Should a conflict arise between China and Western countries, these facilities could be compromised.
Two US officials stated that there are numerous workstations within the Treasury Secretary’s office, and as of now, no breaches have been detected on the computer used by Treasury Secretary Yellen.
Last year, the US Department of State and the Department of Commerce were also targeted in Chinese hacker attacks. Officials stated that during that incident, Chinese hackers accessed non-sensitive emails of senior officials including Secretary of Commerce Gina Raimondo and US Ambassador to China Nicholas Burns.
China poses the biggest diplomatic and military challenge to the US. Last month, Yellen mentioned that Washington does not rule out imposing sanctions on Chinese banks. The US hopes to reduce Russia’s oil revenue through this action in order to bring an earlier end to the Russia-Ukraine conflict.
Officials stated that the White House is formulating an executive measure to address this issue.