How is the Biden Administration Tackling Cyber Threats From China?

The alarming breach of the U.S. Treasury’s digital defenses raises pressing questions about the Biden administration’s cybersecurity strategy and its ability to protect national interests.

At a Glance

  • Chinese operatives hacked the U.S. Treasury, accessing workstations and unclassified documents.
  • The Biden administration described it as part of a series of surveillance operations targeting American institutions.
  • The hackers obtained a security key for remote access, posing a significant cybersecurity threat.
  • The breach was reported by BeyondTrust, and the compromised service has been taken offline.

Cyberattack Details

China’s intelligence agency recently targeted the U.S. Treasury Department, managing to access employee workstations and unclassified documents. This attack is part of a broader series of surveillance operations against American institutions. Despite China’s denial of such actions, a letter describing the incident as a major cybersecurity event attributed the intrusion to a state-sponsored Advanced Persistent Threat (APT).

The hackers reportedly obtained a security key granting remote access to specific Treasury workstations, raising alarms about espionage capabilities rather than attempts to disrupt infrastructure. This compromise was reported on December 8 by BeyondTrust, a third-party software service company engaged by the Treasury.

U.S. Response and Implications

The Biden administration’s response has been to categorize this breach within a series of surveillance operations against U.S. entities. Efforts are underway, in coordination with the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI, to evaluate the full scope of the breach. Chinese officials, however, have vehemently denied the hacking accusations, labeling them politically motivated falsehoods during a press briefing.

“China consistently opposes all forms of hacking and is firmly against the spread of false information targeting China for political purposes,” said Ministry of Foreign Affairs spokesperson Mao Ning.

The compromised BeyondTrust service has been taken offline with no evidence that the threat actor maintains access to Treasury systems. Initial reports suggest an espionage operation to gather insights into the Treasury Department’s activities, potentially in relation to Chinese global financial ambitions.

Criticism of Cybersecurity Strategy

In the aftermath of the attack, critics have raised questions about the Biden administration’s cybersecurity policies. Concerns focus on the prioritization of social and political objectives, like diversity, which some argue detracts from more urgent national security tasks. Critics have also highlighted systemic issues in effective governance and in policy appointment processes.

“Once Treasury was alerted by the service provider, we immediately contacted Cybersecurity and Infrastructure Security Agency (CISA) and have worked with law enforcement partners across the government to ascertain the impact of this incident. The compromised BeyondTrust service has been taken offline and there is no evidence indicating the threat actor has continued access to Treasury systems or information.”

The article suggests that the administration’s handling of situations like the Afghanistan withdrawal, border policies, and cybersecurity flaws reflects a broader issue of leadership neglect. Some argue that partisan motivations overshadow the critical objective of safeguarding national security.

Sources

1. China Hacks the U.S. Treasury

2. U.S. Treasury says its computers were hacked by a Chinese ‘threat actor’ in a ‘major incident’

3. China Hacked Treasury Dept. in ‘Major’ Breach, U.S. Says