Скачать или смотреть China-Backed Hackers Breach US Treasury Systems in Major Cybersecurity Incident

China-Backed Hackers Breach US Treasury Systems in Major Cybersecurity Incident
The US Treasury Department has confirmed a significant cybersecurity breach involving a China-backed hacking group that infiltrated Treasury workstations and accessed unclassified documents. Officials are calling the breach a “major incident,” underscoring its severity and potential implications.
The incident came to light on December 8, when a third-party software provider notified the Treasury of unauthorized access. According to a letter from Aditi Hardikar, assistant secretary for management at the Treasury, the attackers used a stolen key to bypass security measures, gaining remote access to certain user workstations and unclassified documents.
The breach has been attributed to a Chinese state-sponsored Advanced Persistent Threat (APT) actor, based on available indicators. However, the full extent of the damage remains unclear.
The compromised software service, provided by BeyondTrust, has been taken offline. BeyondTrust reported that the breach occurred through its Remote Support product on December 2. Upon identifying "anomalous behavior," the company suspended and quarantined affected systems, notified impacted customers, and engaged an external cybersecurity team for further investigation.
The Treasury Department is collaborating with the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and US intelligence agencies to assess the breach's scope and mitigate future threats. Law enforcement has also been involved.
“Based on Treasury policy, intrusions attributed to advanced persistent threat actors are considered a ‘major cybersecurity incident,’” Hardikar wrote in the letter. The department is required to provide a detailed update within 30 days.
China’s Foreign Ministry has denied any involvement, labeling the accusations as “groundless.” Spokesperson Mao Ning reiterated China’s opposition to all forms of cyberattacks, accusing the US of spreading false information for political purposes.
The exact number of compromised workstations has not been disclosed, but a Treasury spokesperson confirmed that “several” were affected. Treasury officials have scheduled a classified briefing for staffers from the House Financial Services Committee to provide further details.
BeyondTrust has assured that no other products were impacted and is actively working to prevent similar incidents. The company has been updating its findings and progress on its website since December 8.
This breach highlights the persistent threat posed by state-sponsored cyberattacks on critical US government systems. It raises concerns about the vulnerability of third-party services and underscores the need for robust cybersecurity measures to protect sensitive government data.
As the investigation continues, US authorities and cybersecurity experts are working to understand the full impact of the incident and implement measures to prevent future breaches.

#breaking_news #youtube #india #shortvideo