Chinese state-sponsored hackers breached the U. S. Treasury Department's computer security in a major incident this month, stealing documents. The hackers accessed unclassified documents by compromising the third-party cybersecurity provider, BeyondTrust. They gained access to a key used for a cloud-based service that provides technical support, allowing them to override security and access Treasury Department user workstations.
The incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor. The Treasury Department was informed of the breach by BeyondTrust on December 8 and is working with the U. S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to evaluate the impact.
China's foreign ministry denied responsibility for the breach, stating it opposes hacker attacks and criticizing U. S. claims. BeyondTrust acknowledged the security incident, saying they took steps to address it and notified affected customers and law enforcement. A cybersecurity expert remarked that this breach fits a pattern of Chinese groups abusing trusted third-party services.
No comments:
Post a Comment