One Article Review
| Source |  Techworm |
|---|---|
| Identifiant | 8634597 |
| Date de publication | 2025-01-07 23:28:48 (vue: 2025-01-07 18:53:40) |
| Titre | CISA: Recent Government Hack Only Affected US Treasury |
| Texte | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday said that last week\'s cybersecurity incident was only limited to the U.S. Department of the Treasury, and had no wider government impact.
“At this time, there is no indication that any other federal agencies have been impacted by this incident. CISA continues to monitor the situation and coordinate with relevant federal authorities to ensure a comprehensive response,” the CISA said in a statement issued on Monday.
This update follows the US Treasury Department’s disclosure last Monday about a Chinese state-sponsored hacker breach of its agency\'s workstations in early December, which it described as a “major cybersecurity incident.” The cybercriminals had compromised BeyondTrust, a third-party vendor that provides identity and remote support for Treasury workstations.
In a letter shared with senior U.S. House lawmakers last week, the agency said that BeyondTrust notified them of the breach on December 8th.
According to the letter, the Chinese state-sponsored hackers used a Remote Support SaaS API key stolen from BeyondTrust to override the service\'s security, remotely access certain Treasury Departmental Offices (DO) user workstations, and access certain unclassified documents maintained by the employees. However, it is unclear how the BeyondTrust key was stolen.
“Based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor. In accordance with Treasury policy, intrusions attributable to an APT are considered a major cybersecurity incident,” the letter added.
In a statement this Monday, CISA said it “is working closely with the Treasury Department and BeyondTrust to understand and mitigate the impacts of the recent cybersecurity incident.”
The federal cyber watchdog added, “The security of federal systems and the data they protect is of critical importance to our national security. We are working aggressively to safeguard against any further impacts and will provide updates, as appropriate.”
In accordance with legal requirements, the Treasury Department has committed to providing lawmakers with an update within 30 days.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday said that last week\'s cybersecurity incident was only limited to the U.S. Department of the Treasury, and had no wider government impact. “At this time, there is no indication that any other federal agencies have been impacted by this incident. CISA continues to monitor the situation and coordinate with relevant federal authorities to ensure a comprehensive response,” the CISA said in a statement issued on Monday. This update follows the US Treasury Department’s disclosure last Monday about a Chinese state-sponsored hacker breach of its agency\'s workstations in early December, which it described as a “major cybersecurity incident.” The cybercriminals had compromised BeyondTrust, a third-party vendor that provides identity and remote support for Treasury workstations. In a letter shared with senior U.S. House lawmakers last week, the agency said that BeyondTrust notified them of the breach on December 8th. According to the letter, the Chinese state-sponsored hackers used a Remote Support SaaS API key stolen from BeyondTrust to override the service\'s security, remotely access certain Treasury Departmental Offices (DO) user workstations, and access certain unclassified documents maintained by the employees. However, it is unclear how the BeyondTrust key was stolen. “Based on ava |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | “at “based “major 8th about access accordance according actor added advanced affected against agencies agency aggressively any api appropriate apt are attributable attributed authorities available been beyondtrust breach certain china chinese cisa cisa: closely committed comprehensive compromised considered continues coordinate critical cyber cybercriminals cybersecurity data days december department department’s departmental described disclosure documents early employees ensure federal follows from further government hack hacker hackers had has have house how however identity impact impacted impacts importance incident indication indicators infrastructure intrusions issued its key last lawmakers legal letter limited maintained major mitigate monday monitor national notified offices only other override party persistent policy protect provide provides providing recent relevant remote remotely requirements response saas safeguard said security senior service shared situation sponsored state statement stolen support systems them third threat time treasury unclassified unclear understand update updates used user vendor watchdog week which wider will within working workstations “is “the |
| Tags | Hack Threat Cloud |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.