Silk Typhoon: Advanced Persistent Threat Actor Targets US Treasury Department

The US Treasury Department disclosed in December that it had fallen victim to a security breach involving a “China state-sponsored Advanced Persistent Threat actor” also known as Silk Typhoon. 

Subsequent reporting by Bloomberg and others has provided further details on the extent of the hack.

Investigators Identify Silk Typhoon as Culprit

The attack has been linked to a Chinese state-sponsored hacking group known by various names, including Silk Typhoon, Hafnium, and UNC5221. Investigators believe the intrusion was strategically timed to occur outside normal working hours to minimize detection.

However, a spokesperson for the Chinese Foreign Ministry has dismissed the allegations, calling them “unwarranted and groundless.”

Scope of the Hack and Targeted Data

The hackers accessed more than 400 laptop and desktop computers, many of which were connected to senior leaders handling sensitive areas like sanctions, international affairs, and intelligence. 

The breach exposed usernames, passwords, and over 3,000 unclassified files on personal computers. These files included travel data, organizational charts, sanction-related documents, and foreign investment metrics.