US Treasury Department Admits It Got Hacked by China


“I cannot believe that we’re seeing command injection vulnerabilities in 2024 in any products, let alone a secure remote access product that’s supposed to have additional vetting for use by the US government,” says Jake Williams, vice president of research and development at the cybersecurity consultancy Hunter Strategy and a former NSA hacker. “They are some of the easiest bugs to identify and remediate at this point.”

BeyondTrust is an accredited Federal Risk and Authorization Management Program (FedRAMP) vendor, but Williams speculates that the Treasury may have been using a non-FedRAMP version of the company’s Remote Support and Privileged Remote Access cloud products. If the breach actually affected FedRAMP-certified cloud infrastructure, though, Williams says, “it might be the first breach of one and almost certainly the first time FedRAMP cloud tools were abused to facilitate remote access to a customer’s systems.”

The breach comes as US officials have been scrambling to address a massive espionage campaign compromising US telecoms that has been attributed to the China-backed hacking group known as Salt Typhoon. White House officials told reporters on Friday that Salt Typhoon breached nine US telecoms.

“We wouldn’t leave our homes, our offices, unlocked and yet our critical infrastructure—the private companies owning and operating our critical infrastructure—often do not have the basic cybersecurity practices in place that would make our infrastructure riskier, costlier, and harder for countries and criminals to attack,” Anne Neuberger, deputy national security adviser for cyber and emerging technology, said on Friday.

Treasury, CISA, and FBI officials did not respond to WIRED’s questions about whether the actor that breached the Treasury was specifically Salt Typhoon. Treasury officials said in the disclosure to Congress that they would provide more information about the incident in the Department’s mandated 30-day supplemental notification report. As details continue to emerge, Hunter Strategy’s Williams says that the scale and scope of the breach may be even larger than it currently appears.

“I expect the impact to be more significant than access to just a few unclassified documents,” he says.
