The U.S. Treasury Department has announced that it has been the victim of a cyberattack. In a letter to members of the House of Representatives, the government agency responsible for managing the United States' public finances said the attack took place in early December.
The attackers targeted several workstations within the Treasury. Fortunately, the agency's confidential data did not fall into the hands of the cybercriminals. However, unclassified documents were accessed.
Third-party software as a gateway
According to the Treasury, the hackers used BeyondTrust, a third-party privileged access management software used by the organization. A few weeks ago, the software was indeed compromised and hackers gained access to some of the cloud-based remote support instances.
With the compromised API key, the hackers were able to reset the passwords of the accounts linked to certain applications and gain privileged access to various computers. At the origins of the cyberattack, we find two gaping security holes in the software. This is how the cybercriminals arrived on the computers of the Treasury, one of the customers of BeyondTrust’s support instances.
The United States accuses China
The government agency believes that this “major computer security incident” was orchestrated by China. Based on the investigation conducted by the FBI and the Cybersecurity and Infrastructure Security Agency (CISA), the Treasury Department accuses the Chinese government of having commissioned a gang of hackers to carry out an espionage operation.
This is far from the first time that Washington has accused Beijing of cyber attacks. Last March, the United States had already attributed several major offensives on its critical infrastructure to China.
This umpteenth accusation of espionage comes as Chinese cybercriminals managed to infiltrate the networks of nine American operators. The attack, called Salt Typhoon, allowed the hackers to spy on the communications of several American politicians, including Donald Trump. China has consistently refuted the U.S. accusations.
Source: NY Times
0 Comments