The US-China Cyber Attack has left the US Treasury Department reeling. Earlier this month, a Chinese state-sponsored hacker broke into the department’s systems, accessing employee workstations and unclassified documents. The Treasury Department has deemed this breach a major incident.
American officials stated that the hackers accessed the Treasury Department’s systems through a third-party service provider called BeyondTrust. The application offers remote technical support to employees, but the hackers were able to override security using a stolen key.
The compromised service has since been taken offline, and there is no evidence to suggest the hackers have continued to access Treasury Department information. The Treasury Department is working with the FBI, Cybersecurity and Infrastructure Security Agency, and third-party forensic investigators to determine the overall impact of the hack.
Initial investigations suggest the hack was carried out by a China-based Advanced Persistent Threat (APT) actor. The Treasury Department takes all threats against their systems seriously and will continue to work on protecting their data from outside threats.
A supplemental report on the incident will be provided to lawmakers in 30 days. The Chinese embassy found it difficult to trace the hackers’ origin.
The US-China Cyber Attack is a stark reminder of the ongoing cyber threats faced by the US government. As the investigation continues officials are working to strengthen cybersecurity measures and prevent similar breaches in the future. The incident has also raised concerns about the vulnerability of third-party service providers and the need for increased vigilance in protecting sensitive information.
