Treasury
-
Blog
12 Chinese hackers charged with US Treasury breach — and much, much more
The Department of Justice (DOJ) announced today it has criminally charged 12 Chinese nationals it says are behind attacks that hit more than 100 US organizations, including the Treasury, in a string of attacks going as far back as 2013. The DOJ accuses the people of carrying out their attacks either on their own or at the behest of the…
Read More » -
Blog
Musk furious as judge shuts down DOGE access to Treasury payment system – Computerworld
Engelmayer’s answer, for now at least, is not far at all: only staff within the Treasury with the correct security clearance should be granted access to servers containing sensitive citizen and personal data. Not surprisingly, as it continues its campaign to refashion and downsize the federal workforce, the White House was derisive of the ruling and the legal suit that…
Read More » -
Blog
Federal judge blocks DOGE from accessing sensitive Treasury records
A federal judge temporarily blocked Elon Musk’s DOGE from accessing Treasury Department records containing personal information like Social Security numbers early this morning, reports Inner City Press. The order is in response to a lawsuit filed yesterday in New York’s Southern District Court. The suit alleges that the administration exceeded its authority, broke the US Administrative Procedures Act, and violated…
Read More » -
Blog
US sanctions Chinese firm, hacker behind telecom and Treasury hacks
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Yin Kecheng, a Shanghai-based hacker for his role in the recent Treasury breach and a company associated with the Salt Typhoon threat group. “Yin Kecheng has been a cyber actor for over a decade and is affiliated with the People’s Republic of China Ministry of State…
Read More » -
Blog
Treasury hackers also breached US foreign investments review office
Silk Typhoon Chinese state-backed hackers have reportedly breached a Treasury Department office that reviews foreign investments for national security risks. CNN reported on Friday, citing U.S. officials familiar with the matter, that the attackers gained access to the Committee on Foreign Investment in the United States (CFIUS) systems. The CFIUS is a government office and interagency committee authorized to review foreign investment…
Read More » -
Blog
CISA says recent government hack limited to US Treasury
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today that the Treasury Department breach disclosed last week did not impact other federal agencies. “At this time, there is no indication that any other federal agencies have been impacted by this incident,” CISA said. “CISA continues to monitor the situation and coordinate with relevant federal authorities to ensure a comprehensive response.” The Treasury…
Read More » -
Blog
China-Linked Cyber Threat Group Hacks US Treasury Department
A Chinese-state-sponsored cyberattack compromised the U.S. Treasury, gaining access to classified documents through a vulnerability through third-party cybersecurity provider BeyondTrust. The breach, revealed on Dec. 31, underscores the growing sophistication of state-backed cyber espionage efforts. “Treasury takes very seriously all threats against our systems, and the data it holds,” a department spokesperson said in a statement. “Over the last four…
Read More » -
Blog
Chinese hackers targeted sanctions office in Treasury attack
Chinese state-backed hackers have reportedly breached the Office of Foreign Assets Control (OFAC), a Treasury Department office that administers and enforces trade and economic sanctions programs. OFAC was created in December 1950, blocking all Chinese and North Korean assets under U.S. jurisdiction after China entered the Korean War. In a letter sent to Congress this week, the Treasury Department disclosed…
Read More » -
Blog
Chinese threat actors breached the US Treasury in ‘major incident’ – here’s what you need to know
Chinese threat actors were able to access highly sensitive information held by the US Treasury Department after compromising a third party service used for remote IT support. On 8 December, cybersecurity firm BeyondTrust warned users it had discovered an API key for its remote support SaaS solution had been compromised. The stolen key could allow threat actors to trigger password…
Read More » -
Blog
US Treasury Department breached through remote support platform
Chinese state-sponsored threat actors hacked the U.S. Treasury Department after breaching a remote support platform used by the federal agency. In a letter sent to lawmakers and seen by the New York Times, the Treasury Department warned lawmakers it was first notified of the breach on December 8th by its vendor BeyondTrust. BeyondTrust is a privileged access management company that also…
Read More »