Thursday, 3 April 2025

US Treasury Department faces major security breach

The US Treasury Department faced a cyberattack linked to a China-state-sponsored hacker exploiting third-party software. No ongoing access was found.

You may be alarmed to learn that the US Treasury Department has suffered a significant cyberattack. A China state-sponsored hacker has been linked to the breach, which exploited third-party remote management software. This unsettling incident, first reported by The New York Times, has raised serious concerns about cybersecurity in critical government agencies.

The breach details revealed

On December 8, the Treasury Department received an alert from BeyondTrust, which provides its remote management software. BeyondTrust informed the agency that a threat actor had stolen a key used to secure its cloud-based service. This service is vital for technical support to Treasury employees in the Departmental Offices (DO).

The hacker bypassed security measures using the stolen key and accessed user workstations remotely. The breach also allowed them to retrieve “some unclassified documents” stored on these systems. While these documents were not classified, their exposure underscores the severity of the incident.

Following the breach, the Treasury Department immediately sought help from the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI. The incident was attributed to an Advanced Persistent Threat (APT) group with links to the Chinese government.

BeyondTrust’s role in the attack

The attack appears connected to an earlier incident disclosed by BeyondTrust, which affected customers using its remote support software. BeyondTrust revealed that an API key used in its software had been compromised. In response, the company revoked the API key, informed affected customers, and suspended impacted systems.

Despite the swift action, the breach underscores vulnerabilities in third-party software that could impact critical infrastructure. BeyondTrust has yet to provide additional comments on the matter despite outreach from media outlets.

Government response and strengthened defences

Michael Gwin, a spokesperson for the Treasury Department, assured the public that the compromised BeyondTrust service had been taken offline. He confirmed no evidence of ongoing access to Treasury systems or information by the threat actor.

“Treasury takes all threats against our systems and the data it holds very seriously,” Gwin said. He highlighted significant improvements in the agency’s cyber defences over the last four years and reaffirmed its commitment to working with public and private partners to safeguard the financial system.

This breach is a stark reminder of the persistent threats posed by state-sponsored cyberattacks. It also highlights the importance of securing third-party tools, which often serve as entry points for hackers.
