财政部被一个中国官员们在周一的一封信中告诉国会。
他们表示,“重大”入侵是通过访问财政部使用的第三方网络安全服务BeyondTrust实现的。
该部门官员在给参议院银行委员会的一封信中说,这名演员随后访问了财政部的工作站和其中的“某些非机密文件”。
这封信说,威胁者能够“超越服务的安全性,远程访问某些财政部用户工作站,并访问这些用户维护的某些非机密文件”。
自发现该事件以来,财政部已停止使用BeyondTrust。
“受损的BeyondTrust服务已经离线,没有证据表明威胁行为人继续访问财政部系统或信息,”财政部发言人表示。
该官员表示,该部门一直在与美国联邦调查局、网络安全和基础设施安全局(CISA)以及情报界合作,“全面描述该事件的特征,并确定其总体影响”。
据美国财政部称,在30天内向国会发出的补充通知中,将提供更多关于黑客攻击的信息。
根据政策,财政部有义务向国会通报此类违规行为。
专家和官员表示,中国是美国最有害的网络参与者之一。上个月,官员们表示,一个中国支持的组织侵入了九家电信公司,并通过黑客攻击获得了某些知名人士的手机。
目前还不清楚这一违规行为是否与那些被指控的行为有关。
Treasury Department hit in cyberbreach by China-sponsored actor, officials say
The Treasury Department was breached by aChina-sponsored actor earlier this month, officials told Congress in a letter on Monday.
The "major" breach was achieved by gaining access to a third-party cybersecurity service Treasury used, called BeyondTrust, they said.
The actor then accessed Treasury workstations and "certain unclassified documents" on them, department officials said in a letter to the Senate Banking Committee.
The threat actor was able to "override the service's security, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users," the letter said.
Treasury has ceased use of BeyondTrust since discovering the incident.
"The compromised BeyondTrust service has been taken offline and there is no evidence indicating the threat actor has continued access to Treasury systems or information," according to a Treasury Department spokesperson.
The department has been working with the FBI and THE Cybersecurity and Infrastructure Security Agency (CISA) as well as the intelligence community to "fully characterize the incident and determine its overall impact," the official said.
More information will be available on the hack in a supplemental notice to Congress within 30 days, according to the Treasury Department.
Treasury is mandated by policy to notify Congress of such breaches.
China is one of America's most pernicious cyberactors, experts and officials say. Last month, officials said a Chinese-backed group hacked into nine telecommunications companies and was able to gain access to certain high-profile individuals cellphones as a result of the hack.
It is unclear if this breach is related to those alleged actions.
