
Beijing-linked hackers penetrated Treasury systems

| Category | Details |
| --- | --- |
| Threat Actors | Chinese state-sponsored actor (linked to groups like Volt Typhoon and Salt Typhoon). |
| Campaign Overview | Major breach of U.S. Treasury Department workstations and classified documents via a third-party software exploit. |
| Target Regions (or Victims) | U.S. Treasury Department; potential links to U.S. telecommunications and critical infrastructure. |
| Methodology | Stolen security key for remote access; exploitation of third-party software vulnerability (BeyondTrust). |
| Product Targeted | Treasury employee workstations and classified documents. |
| Malware Reference | Not explicitly mentioned; linked to prior campaigns by Volt Typhoon and Salt Typhoon. |
| Tools Used | Exploitation of BeyondTrust software; tools enabling remote access and data exfiltration. |
| Vulnerabilities Exploited | Exploitation of a third-party vendor’s system to obtain a security key. |
| TTPs | Gaining unauthorized access via third-party compromise; targeting classified documents; persistent network infiltration. |
| Attribution | Attributed to a Chinese state-sponsored Advanced Persistent Threat (APT) group. |
| Recommendations | Strengthen third-party risk management; implement minimum cybersecurity standards; enhance collaboration with FBI and CISA. |
| Source | The Record |

Read full article: https://therecord.media/beijing-hackers-penetrated-treasury-systems

The above summary has been generated by an AI language model


Source: The Record

Published on: January 1, 2025
