- The US Treasury has revealed its foreign investments office was hit in recent cyberattack
- The office reviews national security risks for investments
- Breach of a third-party vendor led to US Treasury systems being accessed
The US department which reviews foreign investments for national security risks has been revealed as a further victim of the cyberattack which targeted the US Treasury department earlier this month.
The attack was declared a ‘major incident’ after a third-party cybersecurity service provider was compromised, allowing a threat actor remote access to key Treasury systems.
The Committee on Foreign Investment in the US (CFIUS) suffered a data breach as part of the campaign, CNN has revealed. The department reviews foreign investments for national security risks, and was recently granted the authority to scrutinize real estate sales near US military bases, with the scope to block Chinese investment into the US.
Carefully chosen targets
The news is the latest in a string of developments following the US Treasury department hack, in which hackers were able to gain access used by the breached vendor to override parts of the Treasury department’s systems.
The attack has sparked serious concerns for US officials, who have reportedly grown increasingly worried that the Chinese government or proxies plans to use land acquisitions to spy on US bases.
In the broader context of the Treasury attack, other targets look to have been chosen with China-US relations in mind. For example, the US sanctions office was targeted – which last week issued a sanction to a Chinese firm for its alleged role in cyberattacks.
The cyber espionage campaigns launched against US and western targets in recent months look not just to steal information and access sensitive data, but also to disrupt critical infrastructure.
In a separate recent attack, Chinese group Salt Typhoon allegedly breached 9 major telecommunications firms in a huge campaign against US critical infrastructure. Amongst the victims were Verizon, AT&T, and Lumen Technologies, who had threat actors lurking inside their networks for months.
You might also like
Services Marketplace – Listings, Bookings & Reviews