CNN
—
The Biden administration on Friday identified the companies and people allegedly behind two harmful hacks targeting senior U.S. officials in what officials say is rampant Chinese cyberespionage. I decided to take the final step to expose the matter.
The goal, a senior US official told CNN, is to “impose real costs” on hackers who “try to undermine our democratic processes and ultimately our way of life.” But limiting China’s ability to collect sensitive information from U.S. networks is a decades-long challenge that the Trump administration will continue to pursue.
Friday’s announcement included Treasury sanctions on Chinese tech companies for their key roles in the massive data breach against the U.S. telecommunications giant that came to light last year. The hackers targeted telephone communications of President-elect Donald Trump, Vice President-elect J.D. Vance, and senior Biden administration officials.
The Treasury also sanctioned a Shanghai-based person for his alleged involvement in a separate hack of the Treasury itself that was revealed last month. The hackers targeted unclassified information belonging to Treasury Secretary Janet Yellen and Deputy Treasury Secretary Wally Adeyemo as part of an intelligence gathering operation, people familiar with the matter told CNN. CNN previously reported that they also infiltrated U.S. government agencies that screen foreign investments for national security risks.
A Treasury spokesperson declined to comment. Bloomberg News and Politico earlier reported that Yellen’s information was targeted.
The sanctions were imposed after President Trump said he had a “very good” phone conversation with Chinese President Xi Jinping on Friday.
“President Xi and I will do our best to make the world more peaceful and secure!” Trump wrote on social media.
However, the Trump administration has several leaders, including Congressman Mike Walz, the incoming national security adviser, and Senator Marco Rubio, President Trump’s pick for secretary of state, to push for a tougher approach to China, citing national security concerns. It is expected to include several ministers and other senior officials calling for action.
And the Trump administration faces an early test on whether to enforce a ban on Chinese-owned social media giant TikTok that the Supreme Court upheld on Friday.
The communications and Treasury hacks and the national security implications have left Washington in turmoil.
Federal employees are changing the way they communicate by phone and moving to more secure methods. Lawmakers are calling on major telecommunications providers to overhaul their cybersecurity. Adeyemo, the outgoing Treasury deputy secretary, also called on Congress to give federal agencies “clear authority” to investigate the security practices of contractors that service the financial system. (The Treasury hack occurred through a software contractor.)
In response to recent Chinese hacking activity, Walz called for more aggressive action by the U.S. government in cyberspace.
“We must go on the offensive and impose costs on those who are stealing our technology and attacking our infrastructure,” he wrote on X last month.
Tensions over cybersecurity have permeated U.S.-China relations for years, but have worsened in recent months. CNN previously reported that US diplomats complained in conversations with their Chinese counterparts that the scope and scale of the communications hack was excessive. China rejected the evidence.
“During his meeting with President Biden in Lima (last year), President Xi Jinping said there was no evidence to support the absurd claims of so-called cyberattacks from China,” said Liu Pengyu, a spokesperson for the Chinese embassy in Washington, D.C. said. he previously told CNN.
Some cybersecurity experts said Friday’s sanctions were necessary but insufficient steps to thwart China’s hacking efforts.
“Unfortunately, these actions are unlikely to completely stop the attackers behind these attacks, but they do shed light on their activities,” said John Hultquist, principal analyst at Mandiant, a Google company. “It’s important to add as much friction as possible.” Cyber security company.
