US Treasury Department on Monday Blame China to penetrate its network and access information including unclassified documents.

Beijing denied these allegations, calling them “baseless.”

The alleged hacking comes weeks after Beijing accused Washington of carrying out two cyberattacks on Chinese technology companies.

As Washington and Beijing exchange blame, we assess the history of cyber warfare between the world’s two largest economies and whether it has intensified.

Who hacked the US Treasury?

The US Treasury Department accused Chinese state-sponsored hackers of infiltrating its system this month and accessing employee workstations and unclassified documents.

The department said the hackers gained access by bypassing a security key used by third-party cybersecurity provider BeyondTrust, which provides remote technical support to Treasury employees.

The Treasury Department announced these details on Monday in a letter to the US Congress. The message said the attack was carried out by “an Advanced Persistent Threat (APT) representative based in China.”

However, the administration did not specify the number of workstations that were compromised, the nature of the files, the exact time frame of the breach and the level of confidentiality of the workstations that were compromised.

On December 8, the Treasury Department was alerted about the BeyondTrust hack. BeyondTrust first suspected unusual activity on December 2, but it took three days to determine it had been compromised, the BBC reported.

How did the US Treasury respond?

The department said there was no evidence that hackers were still able to access management information and that the compromised BeyondTrust software had been taken offline.

It is assessing the impact of the hack with the help of the US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI). The hack is being investigated as a “major cybersecurity incident.”

The department’s letter to Congress added that supplementary information about the attack would be sent to US lawmakers within 30 days.

“Over the past four years, the Treasury Department has significantly strengthened its cyber defense, and we will continue to work with private and public sector partners to protect our financial system from threat actors,” a department spokesperson said in a separate statement.

How did China respond?

China denied the ministry’s accusations, and its Foreign Ministry said that Beijing condemns all forms of pirate attacks.

Agence France-Presse quoted ministry spokesman Mao Naing as saying: “We have clarified our position several times regarding such accusations that are baseless and lack evidence.”

Chinese Embassy spokesman in the United States, Liu Bingyu, denied the ministry’s allegations. He said, according to a BBC report: “We hope that the parties concerned will adopt a professional and responsible stance when describing cyber incidents, and base their conclusions on sufficient evidence instead of speculation and baseless accusations.”

“The United States needs to stop using cybersecurity to smear and discredit China and stop spreading all kinds of disinformation about so-called Chinese hacking threats.”

Are the US and China intensifying cyberattacks against each other?

While the United States has blamed China for cyberattacks over the years, Beijing has also accused Washington of hacking into its critical cyber infrastructure in recent years.

Here is a brief timeline of recent cyberattacks announced by both countries:

On December 18thThe China National Computer Network Emergency Response Technical Team/Coordinating Center (CNCERT/CC) issued a statement saying that two US cyberattacks since May 2023 attempted to “steal trade secrets” from Chinese technology companies.

On December 5thUS Deputy National Security Advisor Anne Neuberger said a Chinese hacking group had contacted Salt hurricane It obtained communications from senior US government officials but no classified information was compromised.

a month ago, On November 13thThe FBI and CISA said they discovered a wide range Cyber ​​espionage campaign It was carried out by hackers linked to China.

The US claimed that the hackers had breached “the private communications of a limited number of individuals”. The FBI and CISA said that although they did not identify those individuals, they were “primarily engaged in governmental or political activities.”

Weeks before the US elections in NovemberFederal Bureau of Investigation I launched an investigation After reports claimed that Chinese hackers targeted the President-elect’s mobile phones Donald Trump And Vice President-elect J.D. Vance As well as people associated with Kamala Harris, the Democratic presidential nominee in the race.

In July 2023US technology giant Microsoft said that China-based hacking group Storm-0558 has breached email accounts in about 25 organizations and government agencies. The hacked accounts included accounts belonging to US State Department employees.

In MarchThe US and UK have accused China of carrying out a sweeping cyberespionage campaign that allegedly infected millions of people, including lawmakers, journalists and defense contractors. The two countries imposed sanctions on a Chinese company after the incident. A month ago, US authorities said they had dismantled a Chinese-sponsored hacking network called… Volt Typhoon.

In response, China described the accusations as “completely fabricated and malicious slander.”

In March 2022China said it had been subjected to a series of cyber attacks, most of which traced back to US addresses. Some were also returned to the Netherlands and Germany, according to CNCERT/CC.

Why are cyberattacks launched?

State-sponsored actors are regularly accused of launching cyberattacks against opponents ranging from state institutions to politicians and activists. They aim to gain unauthorized access to confidential data and trade secrets or disrupt economies and critical infrastructure.

“The United States and China have a history of using cyber defense to advance national security goals,” Rebecca Liao, CEO of technology protocol company Saga, told Al Jazeera.

“While espionage against government actors is an accepted practice, the United States has protested China’s rampant cyberattacks against… US commercial entities.

“It is clearly not diplomatic wisdom to build a track record by resorting to espionage. That is why Beijing was quick to deny all accusations.”

As digital technology develops, cyberattacks are increasing around the world, according to the German Institute for International and Security Affairs (SWP). SWP data shows that cyberattacks rose from 107 in 2014 to 723 in 2023.

Cyberattacks are also carried out by individuals or organized groups who wish to steal data and money.

How can countries protect themselves from cyber attacks?

The United States and China “must lead a treaty on the responsible use of cyberspace,” researchers Asimio Olayinka Adenuga and Temitope Emmanuel Abiodun of Nigeria’s Tai Solarin University Department of Political Science wrote in an article this year.

They cited the example of the treaties signed between the United States and the Soviet Union as a result of the Strategic Arms Limitation Talks, SALT I and SALT II, ​​in 1972 and 1979. The two Cold War superpowers signed treaties to establish stability between the United States and the Soviet Union by limiting their production of nuclear weapons.

Tai Solarin researchers added in their article that further technological development is needed, especially in quantum computing, which will make it difficult to carry out cyberattacks.

Victor Atkins, a fellow at the Atlantic Council think tank’s Indo-Pacific Security Initiative, wrote in a February article that the United States “should launch an expanded new multilateral coalition to share intelligence on cyber threats in the Indo-Pacific region” to combat Cyber ​​attacks from China.

“A decade ago, there were some suggestions about convening an international cybersecurity body to come up with standards or codes of conduct for participating countries to adhere to,” said Liao, the technology expert.

“However, none of these efforts have yielded results, and it is up to individual countries to protect against cyberattacks.”

Governments are currently developing cybersecurity infrastructure such as firewalls to protect themselves from cyberattacks such as hacking.

An article published by the University of Miami added that countries are using other practices to confront cyber threats. This includes testing these cyber threats in a simulated environment. The article stated, “Cyber ​​teams are constantly undergoing training similar to military training.”