The U.S. Treasury Department said a Chinese state-sponsored hacking operation was capable of use third-party software to access Treasury employees' desktop computers, in what the department called a “serious incident.”
In a letter seen by NBC News, Aditi Hardikar, assistant secretary for administration on the U.S. Treasury Department, wrote that the office was notified of the breach on December 8. The letter is addressed to Sen. Sherrod Brown, D-Ohio, and Sen. Tim Scott, R-S.C., the chairman and rating member, respectively, of the Banking, Housing and Urban Affairs Committee.
The information accessed by the “threat actor” included unclassified documents, in accordance with the letter.
China rejected the US allegations.
“China consistently rejects all forms of hacking attacks and strongly opposes the spread of false information for political purposes targeting China,” Foreign Ministry spokesman Mao Ning told reporters at a day by day briefing.
Hardikar wrote that the U.S. Treasury Department was notified by “a third-party software services provider, BeyondTrust, that a threat actor gained access to a key used by the provider to secure a cloud-based service that provides remote support to the Treasury Department from the Remotely Serves Offices (DO) End Users.”
With this access, the “threat actor” was capable of override certain security measures and gain access to the department’s user workstations.
The U.S. Treasury Department worked with the Cybersecurity and Infrastructure Security Agency, the FBI and other members of the intelligence community, in addition to “third-party forensic investigators to fully characterize the incident and determine its overall impact,” the letter said.
In an announcement to NBC News, a Treasury Department spokesperson cited the contents of Hardikar's letter and said that “the compromised BeyondTrust service has been taken offline” and that there may be “no evidence that the threat actor continued to gain access to the company's systems or information.” Ministry of Finance has.” “
“Treasury takes all threats to our systems and the data they store very seriously. Over the past four years, Treasury has significantly strengthened its cyber defenses, and we will continue to work with private and public sector partners to protect our financial system from threat actors,” the statement reads partially.
Other agencies helped the U.S. Treasury Department conclude that the breach got here from a Chinese hacker, the letter said.
The letter states that a supplementary report will probably be provided inside 30 days.
image credit : www.cnbc.com