The U.S. Treasury Department reported that its systems suffered unauthorized access in a major cybersecurity breach, with officials blaming the intrusion on hackers linked to the Chinese government. attacker It is said Employee workstations and unclassified documents were accessed, marking what the department called a “significant incident.”
according to a BBC reportThe cyberattacks targeted high-profile individuals, including President-elect Donald Trump and Vice President-elect Vance, while also compromising law enforcement wiretap databases that could expose surveillance of foreign spies. The report also noted that the data of millions of Americans may have been compromised by attacks on telecommunications companies.
The breach is the latest in a series of cyberattacks targeting U.S. entities, including major telecommunications companies and government agencies. In late October, two major U.S. presidential campaigns were hacked by actors affiliated with the People’s Republic of China, according to statements from the FBI and Cybersecurity and Infrastructure Safety agency (CISA). Additionally, in September, reports emerged of breaches of security operations at top telecommunications companies, with at least nine companies including AT&T and Verizon being compromised.
Earlier this year, in March, seven Chinese nationals were charged with carrying out a hacking campaign that lasted at least 14 years and targeted foreign critics of China, businesses and politicians. These operations also extended to other Western targets, including the UK Electoral Commission and the British and New Zealand parliaments.
The hacker groups involved are identified through various codenames assigned by security companies. The group behind the telecommunications hacking attack is often referred to as Salt Typhoon, a group led by Microsoft Researchers; other companies are called “Famous Sparrow”, “Ghost Emperor” and “Earth Estri”. Another group, “Volt Typhoon,” has been accused of infiltrating critical infrastructure organizations with the potential intention of conducting destructive attacks. U.S. Justice Department officials linked seven Chinese nationals earlier charged to an operation called “Zirconium,” or “Trial of Panda,” which also targeted the U.K. in 2021, according to the U.K.’s National Cyber Security Center MP’s email.
Just two weeks ago, the U.S. government launched a National Security Investigations TP-LinkIt is China’s leading router manufacturer, and its equipment accounts for approximately 65% of the U.S. home and small business router market. The review follows concerns that TP-Link routers have been used in cyberattacks linked to Chinese state-backed actors that have targeted the public and private sectors, including Department of Defense contractors.
The Chinese government has always denied involvement in these cyberattacks. However, the frequency and scope of these incidents have heightened tensions between China and Western countries, prompting calls for stronger cybersecurity measures and international cooperation to counter the growing threat of state-sponsored cyber espionage. As the investigation continues, U.S. officials are assessing the full scope of the breach and taking steps to strengthen the security of critical infrastructure and government systems.