US Treasury Hit by Significant Cyberattack, Suspects Chinese Involvement
The U.S. Treasury has informed lawmakers of a considerable cybersecurity breach which occurred earlier in December, attributing the attack to Chinese state hackers, though specific identities remain undisclosed. The detailed glimpse into the cyber onslaught came via a communique viewed by TechCrunch, wherein lawmakers were enlightened about the cybercriminals’ successful remote access to Treasury workstations and unclassified documents.
Details of the Hack Unfolds
The Treasury gained familiarity with the compromising incident on December 8, informed by BeyondTrust, a spearheading entity in identity access and remote support technology mainly serving large organizations and governmental departments. The cyber culprits reportedly got hold of a key, integral to granting remote access technical support to Treasury employees, utilized by this vendor.
However, the technique of obtaining this key has not been elaborated yet. BeyondTrust, while refraining from providing a detailed explanation of the cyber misdemeanors back then, chose not to comment on the matter as of the present context.
Plan and Actions for Mitigation
Following the exposure of the incident, the department initiated assistance from the U.S. cybersecurity agency, CISA, in tackling the cyberspace menace. Given the current situation, the Treasury, on a positive note, mentioned that there is no evidence suggesting the continuation of its data vulnerability to the threat actor.
The breach, as per Treasury’s observations, seemed to be the handiwork of an advanced persistent threat group sponsored by China, indicating backing from the Chinese government. Treasury spokesperson Michael Gwin asserted the seriousness of the issue, emphasizing measures taken to fortify its cyber defense in recent years and the intent to collaborate with public and private sectors for better protection of the financial system.
Broader Pattern of Cyberattacks Linked to China
The latest compromise is not the first instance of a Chinese-connected cyber assault targeting the U.S. government. Previously, China-backed cybercriminal group Salt Tycoon launched attacks on U.S. telecom and internet giants like AT&T and Verizon, attempting to infiltrate the private communications of top U.S. government officials, inclusive of presidential candidates.
The spokesperson for the Chinese Embassy in Washington D.C., Liu Pengyu, however, negated the U.S. government's attribution of the cyberattack to the Chinese government. He stressed that the United States is yet to present substantial evidence supporting its claims.
Recommended Comments
There are no comments to display.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now