Thursday, 24 April 2025
26.8 C
Singapore
29.9 C
Thailand
19.5 C
Indonesia
28.8 C
Philippines

US Treasury Department faces major security breach

The US Treasury Department faced a cyberattack linked to a China-state-sponsored hacker exploiting third-party software. No ongoing access was found.

You may be alarmed to learn that the US Treasury Department has suffered a significant cyberattack. A China state-sponsored hacker has been linked to the breach, which exploited third-party remote management software. This unsettling incident, first reported by The New York Times, has raised serious concerns about cybersecurity in critical government agencies.

The breach details revealed

On December 8, the Treasury Department received an alert from BeyondTrust, which provides its remote management software. BeyondTrust informed the agency that a threat actor had stolen a key to secure its cloud-based service. This service is vital for technical support to Treasury employees in the Departmental Offices (DO).

The hacker bypassed security measures using the stolen key and accessed user workstations remotely. The breach also allowed them to retrieve “some unclassified documents” stored on these systems. While these documents were not classified, their exposure underscores the severity of the incident.

Following the breach, the Treasury Department immediately sought help from the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI. The incident was attributed to an Advanced Persistent Threat (APT) group with links to the Chinese government.

BeyondTrust’s role in the attack

The attack appears connected to an earlier incident disclosed by BeyondTrust, which affected customers using its remote support software. BeyondTrust revealed that an API key used in its software had been compromised. In response, the company revoked the API key, informed affected customers, and suspended impacted systems.

Despite the swift action, the breach underscores vulnerabilities in third-party software that could impact critical infrastructure. BeyondTrust has yet to provide additional comments on the matter despite outreach from media outlets.

Government response and strengthened defences

Michael Gwin, a spokesperson for the Treasury Department, assured the public that the compromised BeyondTrust service had been taken offline. He confirmed no evidence of ongoing access to Treasury systems or information by the threat actor.

“Treasury takes all threats against our systems and the data it holds very seriously,” Gwin said. He highlighted significant improvements in the agency’s cyber defences over the last four years and reaffirmed its commitment to working with public and private partners to safeguard the financial system.

This breach is a stark reminder of the persistent threats posed by state-sponsored cyberattacks. It also highlights the importance of securing third-party tools, which often serve as entry points for hackers.

Hot this week

Enterprises accelerate adoption of AI agents despite concerns over data privacy and fairness

Cloudera survey finds 96% of global enterprises plan to expand AI agents, with Singapore leading adoption but facing fairness concerns.

Apple’s iPhone sales drop in China amid growing trade tensions

Apple’s iPhone sales in China fell 9% as local brands grew, and trade tensions created more uncertainty for the smartphone market.

Qualcomm unveils new Snapdragon 8s Gen 4 with high-end features for less

Qualcomm quietly unveils the Snapdragon 8s Gen 4 with high-end features and strong performance for next-gen smartphones at a lower price.

Taobao joins DHgate in Top 5 as US shoppers turn to Chinese apps

Chinese shopping apps DHgate and Taobao hit the US App Store’s Top 5 as shoppers seek luxury alternatives at lower prices via viral TikTok trends.

Why OpenAI chose Windsurf after Cursor said no to being bought

OpenAI considered buying Cursor but moved on to Windsurf with a US$3B offer after Cursor’s parent company, Anysphere, chose to stay independent.

POCO launches entry-level C71 smartphone in Singapore with premium features

POCO launches the budget-friendly C71 smartphone in Singapore, offering premium design, enhanced cameras, and smooth performance at S$109.

NVIDIA uses AI to address climate, wildlife and disaster risks

NVIDIA’s AI tools support climate action, wildlife monitoring, and disaster risk mitigation, with uses spanning sea, land, sky and space.

Netflix raises subscription prices in Singapore again

Netflix again raises subscription prices in Singapore, with new rates for all plans and extra member slots.

GameMax unveils Blade Concept ATX case with bold design and powerful features

GameMax launches the Blade Concept ATX case, which features a striking blade design, RGB lighting, and support for high-end liquid-cooled PC builds.

Related Articles

Popular Categories