Thursday, 3 April 2025
25.7 C
Singapore
28.2 C
Thailand
20.8 C
Indonesia
26.9 C
Philippines

US Treasury Department faces major security breach

The US Treasury Department faced a cyberattack linked to a China-state-sponsored hacker exploiting third-party software. No ongoing access was found.

You may be alarmed to learn that the US Treasury Department has suffered a significant cyberattack. A China state-sponsored hacker has been linked to the breach, which exploited third-party remote management software. This unsettling incident, first reported by The New York Times, has raised serious concerns about cybersecurity in critical government agencies.

The breach details revealed

On December 8, the Treasury Department received an alert from BeyondTrust, which provides its remote management software. BeyondTrust informed the agency that a threat actor had stolen a key to secure its cloud-based service. This service is vital for technical support to Treasury employees in the Departmental Offices (DO).

The hacker bypassed security measures using the stolen key and accessed user workstations remotely. The breach also allowed them to retrieve โ€œsome unclassified documentsโ€ stored on these systems. While these documents were not classified, their exposure underscores the severity of the incident.

Following the breach, the Treasury Department immediately sought help from the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI. The incident was attributed to an Advanced Persistent Threat (APT) group with links to the Chinese government.

BeyondTrustโ€™s role in the attack

The attack appears connected to an earlier incident disclosed by BeyondTrust, which affected customers using its remote support software. BeyondTrust revealed that an API key used in its software had been compromised. In response, the company revoked the API key, informed affected customers, and suspended impacted systems.

Despite the swift action, the breach underscores vulnerabilities in third-party software that could impact critical infrastructure. BeyondTrust has yet to provide additional comments on the matter despite outreach from media outlets.

Government response and strengthened defences

Michael Gwin, a spokesperson for the Treasury Department, assured the public that the compromised BeyondTrust service had been taken offline. He confirmed no evidence of ongoing access to Treasury systems or information by the threat actor.

โ€œTreasury takes all threats against our systems and the data it holds very seriously,โ€ Gwin said. He highlighted significant improvements in the agencyโ€™s cyber defences over the last four years and reaffirmed its commitment to working with public and private partners to safeguard the financial system.

This breach is a stark reminder of the persistent threats posed by state-sponsored cyberattacks. It also highlights the importance of securing third-party tools, which often serve as entry points for hackers.

Hot this week

DEEPAL launches flagship S07 and opens showroom in Singapore

DEEPAL launches in Singapore with new showroom and flagship S07 electric SUV, marking its sixth global market.

Chinese investor questions commercial future of humanoid robots

Chinese venture capitalist Allen Zhu questions the commercial potential of humanoid robots, sparking debate amid rising AI investment in China.

Huawei reports 38% revenue surge as smartphone sales soar

Despite US sanctions, Huaweiโ€™s consumer business revenue surged 38% in 2024, driven by strong smartphone sales and home-grown chip production.

Mobvistaโ€™s XMP and AdsPolar recognised as Meta AdTech Business Partners

Mobvistaโ€™s XMP and AdsPolar gain Meta AdTech Partner status, giving users early access to tools, insights, and expert campaign support.

Microsoft removes Windows 11 loophole for skipping account setup

Microsoft is blocking a well-known workaround that lets you set up Windows 11 without a Microsoft account, enforcing stricter installation rules.

Qualcomm expands AI research with MovianAI acquisition

Qualcomm has acquired Vietnamese AI research firm MovianAI to boost its AI development in smartphones, PCs, and software-defined vehicles.

Roblox introduces new parental controls to enhance child safety

Roblox introduces new parental controls, allowing parents to block games, restrict friends, and monitor their childโ€™s activity for better safety.

Anthropic introduces Claude for Education, a new AI chatbot plan for universities

Anthropic launches Claude for Education, an AI chatbot plan for universities that offers advanced learning tools and administration support.

Exabeam introduces Nova, an agentic AI that boosts cybersecurity operations

Exabeam unveils Nova, a proactive AI agent that boosts security team productivity and reduces incident investigation time by over 50%.

Related Articles