The U.S. Treasury Department's Office of Foreign Assets Control, which spearheads sanctions enforcement, was reported by the Washington Post to have been compromised by Chinese state-sponsored threat actors as part of a cyberespionage operation that could have been aimed at identifying Chinese entities and individuals at risk of U.S. sanctions, according to BleepingComputer.
Officials revealed that the department's Office of Financial Research had also been infiltrated as part of the incident, which was noted to have stemmed from an attack against the agency's implementation of the BeyondTrust remote support software-as-a-service platform in a disclosure to Congress earlier this week. Investigation into the extent of the compromise is still underway but the Treasury Department said that it was able to purge attackers from its systems following the shutdown of impacted BeyondTrust instances. Such a development comes amid intensifying Chinese state-backed attacks against U.S. infrastructure, the most recent of which is the cyberespionage campaign conducted by Salt Typhoon against nine U.S. telecommunications companies.
