The U.S. The Cybersecurity and Infrastructure Safety Agency (CISA) quickly confirmed that the Treasury Department breach announced last week did not have a ripple effect on other federal agencies.
Currently, there is no evidence suggesting that any other federal agencies have been affected by this incident.
The Treasury Division revealed on Monday that Chinese authorities were behind a significant cybersecurity breach, which compromised a BeyondTrust event used by the federal agency through the exploitation of a stolen Remote Assistance Software as a Service (SaaS) API key.
The company disclosed in a letter to Congress that it was initially informed by its third-party supplier, BeyondTrust, about the breach on December 8th.
While primarily driven by available data, analysts have concluded that the event is linked to a Chinese state-backed Advanced Persistent Threat (APT) group. In line with Treasury guidelines, instances of unauthorized access caused by Advanced Persistent Threats (APTs) are considered major cyber-attacks.
Since then, U.S. Law enforcement authorities have disclosed that hackers specializing in acquiring intelligence on Chinese-language individuals and entities for the purpose of enforcing US-based commerce and financial sanctions are increasingly prevalent. may contemplate sanctioning.
Hackers successfully infiltrated the Treasury’s Office of Financial Analysis, with the full scope of the breach still under evaluation. Despite initial concerns, authorities confirmed that there is no evidence suggesting the Chinese state-sponsored hackers gained persistence within the company’s systems following the containment of the compromised BeyondTrust event.
“The safeguarding of federal programs and the sensitive information they protect is paramount to the nation’s overall security,” said the U.S. cybersecurity company added immediately.
“We’re working diligently to mitigate potential risks and will provide timely updates as more information becomes available.”
