BY C STONE |STONE NEWS NETWORK
On December 8th, according to multiple news sources, the U.S. Treasury was informed by their 3rd party software provider that a threat actor had used a security key to remotely access treasury workstations and unclassified information.
It appears to be attributed to a Chinese state-sponsored advanced persistent threat hacker. The service has been taken offline and are working with law enforcement and cybersecurity teams, and the NSA.
The depth and scope of this breach has not been determined yet. BeyondTrust claimed hackers gained access to a key used by the vendor to secure cloud-based services used for technical support.
“With access to the stolen key, the threat actor was able to override the service’s security, remotely access certain Treasury [Departmental Office] user workstations, and access certain unclassified documents maintained by those users,” the Treasury letter said.
“CISA was engaged immediately upon Treasury’s knowledge of the attack, and the remaining governing bodies were contacted as soon as the scope of the attack became evident,” the letter said.
Comments
Post a Comment