According to sources, officials from the U.S. Department of the Treasury, Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) held a closed briefing with members of Congress on Wednesday (January 15th) on the Chinese Communist hackers’ attack on the U.S. Department of the Treasury at Capitol Hill.
The officials revealed to members of Congress that in a cyber security attack last year, Chinese hackers gained access to over 3,000 non-confidential documents at the Department of the Treasury.
They also noted that Chinese hackers obtained a small number of non-confidential documents belonging to senior officials including Treasury Secretary Janet Yellen, Deputy Secretary Wally Adeyemo, and Acting Deputy Secretary Brad Smith.
The targets of this attack also included the Committee on Foreign Investment in the United States (CFIUS) and the Office of Foreign Assets Control (OFAC).
The briefing took place in a secure room in the Capitol building for members of the House Financial Services Committee. Officials will brief the Senate Banking Committee on Thursday (January 16th).
The Department of the Treasury declined to comment when contacted by Politico.
The Department of the Treasury first confirmed at the end of last year that Chinese hackers had breached the department and stolen documents, but did not disclose specifics.
Officials at the Department of the Treasury stated during the briefing on Wednesday that the department’s security infrastructure successfully thwarted multiple cyber attacks by Chinese hackers, prompting the hackers to shift their focus to third-party vendors.
Hackers supported by China accessed this information through a third-party vendor, BeyondTrust, used by the Department of the Treasury between September 30th and November 18th last year. The company notified the Department on December 8th that hackers exploited vulnerabilities in their third-party product to access the data.
A spokesperson for the company stated, “After the incident, BeyondTrust immediately reported the incident to the Department of the Treasury, FBI, and CISA.”
The hackers accessed files from 419 computers at the Department of the Treasury and at least 3,029 files. Furthermore, analysis of the Treasury logs revealed that only non-confidential information was compromised.
Last year, the U.S. State Department and Department of Commerce were also targeted in Chinese hacker attacks. Officials stated that in that incident, Chinese hackers accessed non-confidential emails of senior officials including Commerce Secretary Gina Raimondo and U.S. Ambassador to China Nicholas Burns.
The Washington Post quoted David Laufman, who oversaw sanctions enforcement at the Department of Justice’s National Security Division, saying, “Even obtaining non-confidential information held by OFAC can provide valuable intelligence to Beijing, as this information is used in sanctioning organizations and individuals.”
On January 8th, Yellen raised the issue of Chinese cyberattacks during a CNBC interview. She stated that this is detrimental to bilateral relations and that the U.S. will and has taken action against cyber attackers.
White House spokesperson Karine Jean-Pierre stated during a routine press briefing on January 3rd that President Biden was briefed on Chinese cyberattacks on the Department of the Treasury and has instructed authorities to reduce the cyber risk posed by China.