China denies involvement after ‘major’ breach of US Treasury workstations

As a seasoned cybersecurity researcher with over two decades of experience under my belt, I find it disheartening yet unsurprising that state-sponsored Advanced Persistent Threat (APT) actors continue to infiltrate critical infrastructure such as the US Treasury. The ongoing cat-and-mouse game between cybersecurity professionals and these threat actors is a testament to the ever-evolving nature of cyber threats and the need for continuous vigilance.

The breach at the US Treasury, attributed to a Chinese state-sponsored APT actor, underscores the importance of multi-layered security strategies and the need for constant monitoring and updating of systems. It is crucial that organizations like the Treasury not only invest in advanced security solutions but also prioritize employee training on cybersecurity best practices to minimize the risk of human error.

The fact that the compromised service has since been taken offline is a positive step, but the investigation into the incident must continue thoroughly and transparently. Collaboration between government agencies, private sector entities, and third-party forensic investigators will be essential in understanding the full extent of the breach and mitigating future risks.

It seems that 2024 has been a banner year for cybercriminals, with hackers making off with billions of dollars’ worth of crypto assets across numerous incidents. I can’t help but wonder if these cybercriminals are using their ill-gotten gains to fund the next big heist – perhaps a daring raid on Fort Knox or an attempt to steal the Mona Lisa!

In all seriousness, the increasing number of access control breaches in the crypto industry serves as a stark reminder that no organization is immune to cyber threats. Let’s hope that lessons are learned from these incidents and proactive measures are taken to protect sensitive information and critical infrastructure from future attacks.

The Chinese government has reportedly denied responsibility for a cyberattack on employee computers at the U.S. Treasury earlier this month, an incident that gave the attacker remote access to certain “unclassified” files.

According to reports, U.S. Treasury officials revealed in a December 30th letter that they learned about a significant event from a third-party software service provider named BeyondTrust on December 8th.

According to a statement made by Aditi Hardikar, Assistant Secretary for Management at the U.S. Treasury, who spoke to TechCrunch, CNN, and others, indications suggest that the incident was carried out by a Chinese state-backed cyber threat group known as an Advanced Persistent Threat (APT) actor.

China asserts they are not accountable for the attack, stating to Reuters that they strongly reject unfounded accusations from the U.S. made without any solid evidence.

In the meantime, the compromised service has been taken offline, as Hardikar confirmed in a letter to U.S. Senator Sherrod Brown and Ranking Member Tim Scott.

“There is no evidence indicating the threat actor has continued access to Treasury systems or information.”

Financial experts are collaborating with the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, U.S. intelligence units, and external investigative teams specializing in digital forensics to delve deeper into this case.

CryptoMoon reached out to the US Treasury but didn’t receive an immediate response.

How the breach happened

On December 2nd, BeyondTrust detected an unusual occurrence in their Remote Support product. After verifying this strange activity on December 5th, they promptly deactivated the API key and alerted affected customers shortly thereafter.

“Authorities were informed and BeyondTrust has been assisting with the investigation,” said a representative from BeyondTrust, as reported by CryptoMoon.

Additional information will be disclosed within a 30-day supplementary report, which the Treasury is legally required to submit according to the Federal Information Security Modernization Act.

Earlier, in the Salt Typhoon hack, as reported by The Guardian, cybercriminals were found to have gained unauthorized access to lawmakers’ phone calls and SMS messages.

According to CNN, it’s being reported that Treasury officials will likely convene a secret meeting next week for members of the House Financial Services Committee regarding the recent security incident.

2024 saw an escalation of cyber thefts in the cryptocurrency sector, with crooks making off with approximately $2.3 billion worth of digital assets during 165 significant incidents. This represents a 40% jump compared to the number of incidents in 2023, as reported by blockchain security firm Cyvers.

This roughly 40% increase was driven predominantly by a surge in unauthorized access incidents, especially on centralized trading platforms and custodial services.

2024-12-31 07:20