Wednesday, 2 April 2025
26.8 C
Singapore
29 C
Thailand
20 C
Indonesia
26.6 C
Philippines

US Treasury Department faces major security breach

The US Treasury Department faced a cyberattack linked to a China-state-sponsored hacker exploiting third-party software. No ongoing access was found.

You may be alarmed to learn that the US Treasury Department has suffered a significant cyberattack. A China state-sponsored hacker has been linked to the breach, which exploited third-party remote management software. This unsettling incident, first reported by The New York Times, has raised serious concerns about cybersecurity in critical government agencies.

The breach details revealed

On December 8, the Treasury Department received an alert from BeyondTrust, which provides its remote management software. BeyondTrust informed the agency that a threat actor had stolen a key to secure its cloud-based service. This service is vital for technical support to Treasury employees in the Departmental Offices (DO).

The hacker bypassed security measures using the stolen key and accessed user workstations remotely. The breach also allowed them to retrieve โ€œsome unclassified documentsโ€ stored on these systems. While these documents were not classified, their exposure underscores the severity of the incident.

Following the breach, the Treasury Department immediately sought help from the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI. The incident was attributed to an Advanced Persistent Threat (APT) group with links to the Chinese government.

BeyondTrustโ€™s role in the attack

The attack appears connected to an earlier incident disclosed by BeyondTrust, which affected customers using its remote support software. BeyondTrust revealed that an API key used in its software had been compromised. In response, the company revoked the API key, informed affected customers, and suspended impacted systems.

Despite the swift action, the breach underscores vulnerabilities in third-party software that could impact critical infrastructure. BeyondTrust has yet to provide additional comments on the matter despite outreach from media outlets.

Government response and strengthened defences

Michael Gwin, a spokesperson for the Treasury Department, assured the public that the compromised BeyondTrust service had been taken offline. He confirmed no evidence of ongoing access to Treasury systems or information by the threat actor.

โ€œTreasury takes all threats against our systems and the data it holds very seriously,โ€ Gwin said. He highlighted significant improvements in the agencyโ€™s cyber defences over the last four years and reaffirmed its commitment to working with public and private partners to safeguard the financial system.

This breach is a stark reminder of the persistent threats posed by state-sponsored cyberattacks. It also highlights the importance of securing third-party tools, which often serve as entry points for hackers.

Hot this week

Uwant D500 Pro Wet and Dry Vacuum Cleaner review: Designed for comfort and ease of use

The Uwant D500 Pro Wet and Dry Vacuum Cleaner offers powerful suction, real-time sterilisation, and ergonomic design for effortless cleaning. With self-cleaning, AI-powered drying, and intuitive controls, it ensures a seamless, low-maintenance experience for modern homes.

Nvidia in talks to acquire AI server rental company Lepton AI

Nvidia is reportedly in talks to acquire Lepton AI in a deal worth several hundred million dollars, expanding into AI-powered server rentals.

Instagram partners with schools to tackle online bullying and student safety

Instagram launches a new programme for schools, giving educators priority in reporting online bullying and safety concerns for quicker action.

OpenAI introduces powerful new image-creation features

OpenAI upgrades ChatGPT with GPT-4o, allowing advanced image generation and editing. The update enhances accuracy while addressing copyright concerns.

Appleโ€™s annual developer’s conference set for June

Apple confirms WWDC 2025 will take place from June 9 to 13 and will feature major software updates, possible hardware launches, and a smarter Siri.

These robot vacuums are getting smarter with Apple Home support

Appleโ€™s iOS 18.4 update adds Matter support for robot vacuums, enabling control via Apple Home. Roborock, iRobot, and Ecovacs are updating their devices.

Gmail introduces easier encryption for business emails

Google introduces a new encryption model for Gmail, making it easier for businesses to send secure emails without special software or certificates.

Nothing Phone (3a) Pro review: A mid-range marvel with standout zoom

Nothing Phone (3a) Pro blends standout design, powerful zoom camera, and smart features, making it a top choice in the mid-range segment.

Vivo challenges iPhone 16 Pro Max with X200 Ultraโ€™s video stability

Vivoโ€™s X200 Ultra teaser compares video stability with the iPhone 16 Pro Max, promising top-tier camera upgrades and advanced stabilisation.

Related Articles