1. Forum
  2. FIDO
  3. POLITICS

  • US Treasury - major hack

    From Mike Powell@1:2320/105 to All on Tue Dec 31 10:44:00 2024
    US Treasury declares major incident after apparent state-sponsored Chinese
    hack

    Date:
    Tue, 31 Dec 2024 11:35:09 +0000

    Description:
    Documents reportedly stolen in security breach targeting the US Treasury Department.

    FULL STORY

    The US Treasury Department has confirmed that documents have been stolen and systems have been breached in a cyber attack that it has dubbed a major incident. The compromise occurred through a third party cybersecurity service provider, BeyondTrust, which allowed remote access to key systems.

    Through this system, hackers were able to gain access used by the vendor to override parts of the Treasury Departments systems, the agency confirmed in a disclosure letter to Congress. The third-party system, which ordinarily
    offers remote technical support to employees, has since been taken offline.

    Initial assessments by the agency suggest the attack was carried out by a China-based Advanced Persistent Threat Actor, officials said. China has
    called the accusation baseless, and said it "consistently opposes all forms
    of hacking".

    A short-lived breach

    Suspicious activity was first spotted on December 2, and the Treasury was
    made aware of the hack on December 8 by BeyondTrust, although it took the company three days to determine that it had been breached.

    Its not clear what type of files were taken, or what these files relate to,
    but more details are expected to be revealed in the Treasurys 30-day supplemental report.

    This attack follows a huge telecoms breach which targeted 9 major US telecommunications firms and compromised millions of individuals.

    The telecoms breach, attributed to Chinese state-sponsored group, Salt
    Typhoon, resulted in a vow of retribution from President-elect Trump, and
    China also denied wrongdoing relating to this hack.

    "The US needs to stop using cyber security to smear and slander China, and
    stop spreading all kinds of disinformation about the so-called Chinese
    hacking threats," said embassy spokesman for the Chinese embassy in
    Washington DC, Liu Pengyu.

    Via BBC

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/us-treasury-declares-major-incident-aft er-apparent-state-sponsored-chinese-hack

    $$
    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)