China rejects accusations it targeted US Treasury in cyberattack
China on Tuesday rejected US accusations that it was behind a cyberattack targeting the Treasury, calling the claims “groundless”, lacking evidence. The breach occurred earlier in December and resulted in remote access to some of the department’s workstations.
31/12/2024 -
By: NEWS WIRES
Video by: FRANCE 24
01:44
The US Treasury Department said on December 30, 2024, that a China state-sponsored actor was behind a cyber breach resulting in access to some of its workstations.
© Saul Loeb, AFP/ File picture
Beijing on Tuesday hit back at accusations that a China state-sponsored actor was behind a cyber breach at the US Treasury Department, calling the claims “groundless”.
The Treasury said the attack resulted in access to some of its workstations, according to a letter to Congress seen by AFP.
According to the Treasury, the incident happened earlier this month, when the actor compromised a third-party cybersecurity service provider and was able to remotely access the workstations and some unclassified documents.
China denied the claims, with the foreign ministry saying Beijing “has always opposed all forms of hacker attacks, and we are even more opposed to the spread of false information against China for political purposes”.
“We have stated our position many times regarding such groundless accusations that lack evidence,” foreign ministry spokeswoman Mao Ning said.
The Treasury contacted the US Cybersecurity and Infrastructure Security Agency after it was alerted of the situation by its provider BeyondTrust, and has been working with law enforcement to ascertain the impact.
“The compromised BeyondTrust service has been taken offline and there is no evidence indicating the threat actor has continued access to Treasury systems or information,” the department’s spokesperson said.
In its letter to the leadership of the Senate Banking Committee, the Treasury said: “Based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor.”
An APT refers to a cyberattack where an intruder establishes and maintains unauthorised access to a target, remaining undetected for a sustained period of time.
The department did not provide further details on what was affected by the breach, but said more information would be released in a supplemental report at a later date.
“Treasury takes very seriously all threats against our systems, and the data it holds,” the spokesperson added.
Beijing on Tuesday hit back at accusations that a China state-sponsored actor was behind a cyber breach at the US Treasury Department, calling the claims “groundless”.
The Treasury said the attack resulted in access to some of its workstations, according to a letter to Congress seen by AFP.
According to the Treasury, the incident happened earlier this month, when the actor compromised a third-party cybersecurity service provider and was able to remotely access the workstations and some unclassified documents.
China denied the claims, with the foreign ministry saying Beijing “has always opposed all forms of hacker attacks, and we are even more opposed to the spread of false information against China for political purposes”.
“We have stated our position many times regarding such groundless accusations that lack evidence,” foreign ministry spokeswoman Mao Ning said.
The Treasury contacted the US Cybersecurity and Infrastructure Security Agency after it was alerted of the situation by its provider BeyondTrust, and has been working with law enforcement to ascertain the impact.
“The compromised BeyondTrust service has been taken offline and there is no evidence indicating the threat actor has continued access to Treasury systems or information,” the department’s spokesperson said.
In its letter to the leadership of the Senate Banking Committee, the Treasury said: “Based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor.”
An APT refers to a cyberattack where an intruder establishes and maintains unauthorised access to a target, remaining undetected for a sustained period of time.
The department did not provide further details on what was affected by the breach, but said more information would be released in a supplemental report at a later date.
“Treasury takes very seriously all threats against our systems, and the data it holds,” the spokesperson added.
Alarm over hacks
Several countries, notably the United States, have voiced alarm in recent years at what they say is Chinese-government-backed hacking activity targeting their governments, militaries and businesses.
Beijing rejects the allegations, and has previously said that it opposes and cracks down on all forms of cyberattacks.
In September, the US Justice Department said it had neutralised a cyber-attack network that affected 200,000 devices worldwide, alleging it was run by hackers backed by the Chinese government.
In February, US authorities also said they had dismantled a network of hackers known as “Volt Typhoon”.
The group was said to be targeting key public sector infrastructure like water treatment plants and transportation systems at the behest of China.
In 2023, tech giant Microsoft said Chinese-based hackers seeking intelligence information breached the email accounts of a number of US government agencies.
The group, Storm-0558, had breached email accounts at approximately 25 organisations and government agencies.
Accounts belonging to the State Department and Commerce Secretary Gina Raimondo were among those hacked in that breach.
(AFP)
Pro-Russian hackers target websites of several French cities
Europe
The websites of several French cities were taken down on Tuesday after being targeted by pro-Russian hackers. The NoName collective claimed the attacks, which they described as retaliation for French support for Ukraine.
31/12/2024
FRANCE24
By: NEWS WIRES
Several countries, notably the United States, have voiced alarm in recent years at what they say is Chinese-government-backed hacking activity targeting their governments, militaries and businesses.
Beijing rejects the allegations, and has previously said that it opposes and cracks down on all forms of cyberattacks.
In September, the US Justice Department said it had neutralised a cyber-attack network that affected 200,000 devices worldwide, alleging it was run by hackers backed by the Chinese government.
In February, US authorities also said they had dismantled a network of hackers known as “Volt Typhoon”.
The group was said to be targeting key public sector infrastructure like water treatment plants and transportation systems at the behest of China.
In 2023, tech giant Microsoft said Chinese-based hackers seeking intelligence information breached the email accounts of a number of US government agencies.
The group, Storm-0558, had breached email accounts at approximately 25 organisations and government agencies.
Accounts belonging to the State Department and Commerce Secretary Gina Raimondo were among those hacked in that breach.
(AFP)
Pro-Russian hackers target websites of several French cities
Europe
The websites of several French cities were taken down on Tuesday after being targeted by pro-Russian hackers. The NoName collective claimed the attacks, which they described as retaliation for French support for Ukraine.
31/12/2024
FRANCE24
By: NEWS WIRES
File photo: A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. © Kacper Pempel, Reuters
The internet sites of several French cities and at least one department were inaccessible Tuesday after a group of hackers claimed attacks they described as retaliation for French support for Ukraine.
At 1600 GMT, the sites of the cities of Marseille and Tarbes were down, as was the site of the department of Haute-Garonne.
The attacks were claimed on X by a hackers group calling themselves NoName, a collective already known for other attacks and for defending Russian points of view.
On their X account, the hackers claimed to have also attacked the sites of cities such as Nantes, Bordeaux, Poitiers, Pau, Nimes, Nice, Angers, Le Havre, and Montpellier, as well as the department of Les Landes, French Polynesia and New Caledonia, but there were all still operating Tuesday.
The mayor of Nice, Christian Estrosi, confirmed on X that the city's website had been targeted.
Marseille's town hall told AFP that the servers that host the city's websites had been subject to attacks that required them to enact "protection mechanisms that had the consequence of making them inaccessible".
The cities of Pau and Angers, as well as the Landes department, said they had not noticed any incidents.
DDoS attacks, or "distributed denial of service", are frequently used by NoName in a technique that involves saturating sites with a huge number of automatic requests that render them inoperable.
The attacks generally do not involve stealing data.
Benoit Grunemwald, a cybersecurity expert at ESET, said the goal appears to be propaganda by "creating an impression of a climate of digital insecurity".
(AFP)
No comments:
Post a Comment