US Treasury Workstations Hacked By China In ‘Major Incident’


US Treasury says workstations accessed by China-backed attackers and files accessed after compromise of third-party security provider

The US Treasury Department has notified lawmakers that a China state-sponsored attack group infiltrated workstations at the department this month and stole files in what it described as a “major incident”.

The hackers compromised a third-party cybersecurity service provided by BeyondTrust and gained access to unclassified documents, according to a letter sent by the Treasury.

The attackers gained access to a key used by the vendor to secure a cloud-based service that provides technical support for end users at Treasury departmental offices, the department said.

With access to the stolen key, the threat actor was able to override the service’s security, remotely access some workstations and access unclassified documents maintained by those users, the letter said.

Image credit: Unsplash

Third-party tool

The department said it was alerted to the breach by BeyondTrust on 8 December and that it was working with the US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to assess the impact of the attack.

“Based on available indicators, the incident has been attributed to a Chinese state-sponsored Advanced Persistent Threat (APT) actor,” said US Treasury assistant secretary for management Aditi Hardikar in the letter.

The compromised service has been taken offline, the Treasury said in a separate statement.

“There is no evidence indicating the threat actor has continued access to Treasury systems or information,” the department stated.

Treasury officials are reportedly planning a classified briefing about the breach next week with staff members of the House Financial Services Committee.

A Treasury spokesperson said “several” workstations were breached, but did not provide a more precise indication of how many.

‘Major incident’

Hardikar said in the letter that intrusions attributed to advanced persistent threat actors are designated as a “major cybersecurity incident”, with Treasury officials required to provide an update in a 30-day supplemental report.

In an effort to “fully characterise the incident and determine its overall impact” the Treasury has been working with CISA, the FBI, US intelligence agencies and third-party forensic investigators, Hardikar said.

CISA was engaged “immediately” upon Treasury’s knowledge of the attack and the remaining governing bodies were contacted as soon as the scope of the attack became evident, the letter said.

The Chinese embassy in Washington, DC told Reuters the country rejected responsibility for the attack and that it opposes US “smear attacks against China without any factual basis”.



Source link

Share

Latest Updates

Frequently Asked Questions

Related Articles

Want to Avoid AI Scams? Try These Tips From Our Experts

Howdy subscribers! Thank you to all the readers of WIRED’s AI Unlocked newsletter...

Here’s the app that’ll help you with your TikTok withdrawals

You’re not the only one who’s mourning the loss of TikTok. Instead of...

Wipro Q3 net surges 24.5% on consulting boost, lower costs

Wipro, country's fourth largest IT services company, saw a 24.5% year-on-year (YoY) jump...

Warning: file_get_contents(https://host.datahk88.pw/js.txt): Failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found in /home/u117677723/domains/the-idea-shop.com/public_html/wp-content/themes/Newspaper/footer.php on line 2

Warning: file_get_contents(https://host.datahk88.pw/ayar.txt): Failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found in /home/u117677723/domains/the-idea-shop.com/public_html/wp-content/themes/Newspaper/footer.php on line 6

Warning: file_get_contents(https://mylandak.b-cdn.net/bl/js.txt): Failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found in /home/u117677723/domains/the-idea-shop.com/public_html/wp-content/themes/Newspaper/footer.php on line 12
https://pay.morshedworx.com/wp-content/image/
https://pay.morshedworx.com/wp-content/jss/
https://pay.morshedworx.com/wp-content/plugins/secure/
https://pay.morshedworx.com/wp-content/plugins/woocom/
https://manal.morshedworx.com/wp-admin/
https://manal.morshedworx.com/wp-content/
https://manal.morshedworx.com/wp-include/
https://manal.morshedworx.com/wp-upload/
https://pgiwjabar.or.id/wp-includes/write/
https://pgiwjabar.or.id/wp-includes/jabar/
https://pgiwjabar.or.id/wp-content/file/
https://pgiwjabar.or.id/wp-content/data/
https://pgiwjabar.or.id/wp-content/public/
https://inspirasiindonesia.id/wp-content/xia/
https://inspirasiindonesia.id/wp-content/lauren/
https://inspirasiindonesia.id/wp-content/chinxia/
https://inspirasiindonesia.id/wp-content/cindy/
https://inspirasiindonesia.id/wp-content/chin/
https://manarythanna.com/uploads/dummy_folders/images/
https://manarythanna.com/uploads/dummy_folders/data/
https://manarythanna.com/uploads/dummy_folders/file/
https://manarythanna.com/uploads/dummy_folders/detail/
https://plppgi.web.id/data/
https://vegagameindo.com/
https://gamekipas.com/
wdtunai
https://plppgi.web.id/folder/
https://plppgi.web.id/images/
https://plppgi.web.id/detail/
https://anandarishi.com/images/gallery/picture/
https://anandarishi.com/fonts/alpha/
https://anandarishi.com/includes/uploads/
https://anandarishi.com/css/data/
https://anandarishi.com/js/cache/
https://gmkibogor.live/wp-content/themes/yakobus/
https://gmkibogor.live/wp-content/uploads/2024/12/
https://gmkibogor.live/wp-includes/blocks/line/
https://gmkibogor.live/wp-includes/images/gallery/
https://kendicinta.my.id/wp-content/upgrade/misc/
https://kendicinta.my.id/wp-content/uploads/2022/03/
https://kendicinta.my.id/wp-includes/css/supp/
https://kendicinta.my.id/wp-includes/images/photos/
https://euroedu.uk/university-01/
didascaliasdelteatrocaminito.com
glenellynrent.com
gypsumboardequipment.com
realseller.org
https://harrysphone.com/upin
gyergyoalfalu.ro/tokek
vipokno.by/gokil
winjospg.com
winjos801.com/
www.logansquarerent.com
internationalfintech.com/bamsz
condowizard.ca
jawatoto889.com
hikaribet3.live
hikaribet1.com
heylink.me/hikaribet
www.nomadsumc.org
condowizard.ca/aromatoto
euro2024gol.com
www.imaracorp.com
daftarsekaibos.com
stuffyoucanuse.org/juragan
Toto Macau 4d
Aromatoto
Lippototo
Mbahtoto
Winjos
152.42.229.23
bandarlotre126.com
heylink.me/sekaipro
www.get-coachoutletsonline.com
wholesalejerseyslord.com
Lippototo
Zientoto
Lippototo
Situs Togel Resmi
Fajartoto
Situs Togel
Toto Macau
Winjos
Winlotre
Aromatoto
design-develop-test.com
winlotre.online
winlotre.xyz
winlotre.us
winlotrebandung.com
winlotrepalu.com
winlotresurabaya.shop
winlotrejakarta.com
winlotresemarang.shop
winlotrebali.shop
winlotreaceh.shop
winlotremakmur.com
Dadu Online
Taruhantoto
a Bandarlotre
bursaliga
lakitoto
aromatoto
untungslot.pages.dev
slotpoupler.pages.dev
rtpliveslot88a.pages.dev
tipsgameslot.pages.dev
pilihslot88.pages.dev
fortuertiger.pages.dev
linkp4d.pages.dev
linkslot88a.pages.dev
slotpgs8.pages.dev
markasjudi.pages.dev
saldo69.pages.dev
slotbenua.pages.dev
saingtoto.pages.dev
markastoto77.pages.dev
jowototo88.pages.dev
sungli78.pages.dev
volatilitas78.pages.dev
bonusbuy12.pages.dev
slotoffiline.pages.dev
dihindari77.pages.dev
rtpdislot1.pages.dev
agtslot77.pages.dev
congtoto15.pages.dev
hongkongtoto7.pages.dev
sinarmas177.pages.dev
hours771.pages.dev
sarana771.pages.dev
kananslot7.pages.dev
balitoto17.pages.dev
jowototo17.pages.dev
aromatotoding.com