- The US Treasury has revealed that its foreign investment office was affected by a recent cyberattack.
- The office reviews national security risks for investments.
- A third-party vendor’s breach led to access to US Treasury systems.
The US department that screens foreign investments for national security risks has been revealed as yet another victim of the cyberattack that targeted the US Treasury Department earlier this month.
The attack was declared a “major incident” after a third-party cybersecurity service provider was compromised, allowing a threat actor remote access to key Treasury systems.
The Committee on Foreign Investment in the United States (CFIUS) suffered a data breach as part of the campaign, CNN revealed. The department reviews foreign investments for national security risks and was recently given the authority to examine real estate sales near U.S. military bases, with the aim of blocking Chinese investment in the United States.
Carefully chosen objectives
The news is the latest in a series of developments following the attack on the US Treasury Department, in which hackers were able to gain the access used by the hacked vendor to override parts of the Treasury Department’s systems.
The attack has raised serious concerns among US officials, who are reportedly increasingly worried that the Chinese government or its proxies plan to use land acquisitions to spy on US bases.
In the broader context of the Treasury attack, other targets appear to have been chosen with China-US relations in mind. For example, the US sanctions office, which last week sanctioned a Chinese company for its alleged role in cyberattacks, was among the targets.
Cyberespionage campaigns launched against American and Western targets in recent months seek not only to steal information and access sensitive data, but also to disrupt critical infrastructure.
In another recent attack, the Chinese group Salt Typhoon allegedly broke into nine major telecommunications companies in a massive campaign against critical US infrastructure. Victims included Verizon, AT&T, and Lumen Technologies, which had threat actors lurking within their networks for months.