Friendly forums for passionate Dems!
More than 93 million posts since 2001
Home Latest Greatest Videos Forums Hide ads Join up!
Home Latest Greatest
Videos Forums Help
Hide ads Join up!
Latest Discussions»Latest Breaking News»U.S. Treasury says its co...
Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

Latest Breaking News

Related: General Discussion, Editorials & Other Articles

BumRushDaShow

(162,253 posts) Mon Dec 30, 2024, 06:34 PM Dec 2024

U.S. Treasury says its computers were hacked by a Chinese 'threat actor' in a 'major incident'

Source: NBC News

Dec. 30, 2024, 4:50 PM EST


he U.S. Treasury department said a state-sponsored Chinese hacking operation was able to use third-party software to access the desktop computers of Treasury employees in what the department is calling "a major incident."

In a letter seen by NBC News, Aditi Hardikar, assistant secretary for management of the U.S. Department of the Treasury, wrote that the office was notified on Dec. 8 of the breach. The letter is addressed to Sen. Sherrod Brown, D-Ohio, and Sen. Tim Scott, R-S.C., the chairman and ranking member, respectively, of the Committee on Banking, Housing and Urban Affairs.

Hardikar wrote that the U.S. Treasury was told by "a third-party software service provider, BeyondTrust, that a threat actor had gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users." With this access, the "threat actor" was able to override certain security measures and access the department office user workstations. The information accessed by the "threat actor" was unclassified documents.

The U.S. Treasury has been working with Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and other members of the intelligence community, as well as "third-party forensic investigators to fully characterize the incident and determine its overall impact," according to the letter.

Read more: https://www.nbcnews.com/tech/security/us-treasury-says-computers-hacked-chinese-threat-actor-rcna185809

24 replies, 2993 views
24 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
U.S. Treasury says its computers were hacked by a Chinese 'threat actor' in a 'major incident' (Original Post) BumRushDaShow Dec 2024 OP
How much damage was done? Irish_Dem Dec 2024 #1
As dlk says below, "We'll never know" erronis Dec 2024 #7
We keep taking one major hacker hit after another. Irish_Dem Dec 2024 #8
LOL ananda Dec 2024 #10
It was a rhetorical question. Irish_Dem Dec 2024 #12
LOL again ananda Dec 2024 #19
Well, imho, I'm sure every valid entity in the US and the world is under some sort of cyber attack. Either by SWBTATTReg Dec 2024 #2
We'll never know dlk Dec 2024 #3
The Chinese are at war with the US and doing quite a bit of damage. Irish_Dem Dec 2024 #9
This message was self-deleted by its author Chin music Dec 2024 #22
As Edward R. Murrow said: "Good night. And good luck." Truer words never spoken. We are needing some luck. BS crazy. Evolve Dammit Dec 2024 #4
BeyondTrust? This is the vendor who caused the problem. BeyondTrust. SMH n/t SupportSanity Dec 2024 #5
No, this is the organization that detected the breach - as far as I can tell. erronis Dec 2024 #13
Wrong pimpbot Dec 2024 #16
Right you are. Thanks for correcting my mis-interpretation. erronis Dec 2024 #17
Report at DocumentCloud usonian Dec 2024 #6
This should not be happening. Someone or Someones are asleep at the switch here. Joinfortmill Dec 2024 #11
Lots of "switches" here. All the way from the target back through all the suppliers. erronis Dec 2024 #14
Well, after January 20th they won't need to hack to get in drray23 Dec 2024 #15
Recommended True Dough Dec 2024 #18
They should've waited... DingleBerryNW Dec 2024 #20
This message was self-deleted by its author Chin music Dec 2024 #21
I had an account when the interest rate was north of 9% and was loving it! wolfie001 Dec 2024 #23
Are hackers using AI yet? IcyPeas Dec 2024 #24

erronis

(21,704 posts)
7. As dlk says below, "We'll never know"
Reply to Irish_Dem (Reply #1)
Mon Dec 30, 2024, 07:23 PM
Dec 2024

Even if the US authorities (FBI, CISA, etc.) do uncover some of the traces of the infection, it will not be disclosed to the public.

1. You don't want your adversaries to know what you have uncovered;
2. The public has no right for full disclosures. (sarcasm)

Irish_Dem

(76,773 posts)
8. We keep taking one major hacker hit after another.
Reply to erronis (Reply #7)
Mon Dec 30, 2024, 07:29 PM
Dec 2024

And no one tells us how bad it is.

What do the Chinese want from the US Treasury?

Irish_Dem

(76,773 posts)
12. It was a rhetorical question.
Reply to ananda (Reply #10)
Mon Dec 30, 2024, 07:51 PM
Dec 2024

But how do they pull off the heist?
Don't they have to physically get the contents?

SWBTATTReg

(25,805 posts)
2. Well, imho, I'm sure every valid entity in the US and the world is under some sort of cyber attack. Either by
Reply to BumRushDaShow (Original post)
Mon Dec 30, 2024, 06:40 PM
Dec 2024

foreign entities, or persons of ill-repute, trying to make a few bucks scamming the system somehow.

The world out there is NOT safe people. If you have an online presence, protect it at all costs. Avoid questionable sites. And perhaps use a separate ID to get into banking etc. sites vs. a media site, such as DU, facebook, etc.

dlk

(13,000 posts)
3. We'll never know
Reply to BumRushDaShow (Original post)
Mon Dec 30, 2024, 06:41 PM
Dec 2024

The infiltration of Chinese hackers into America is much more pervasive than we will ever be told.

Irish_Dem

(76,773 posts)
9. The Chinese are at war with the US and doing quite a bit of damage.
Reply to dlk (Reply #3)
Mon Dec 30, 2024, 07:30 PM
Dec 2024

We are told over and over about the "major" attacks.

We know it is not good news.

Response to Irish_Dem (Reply #9)

Chin music This message was self-deleted by its author.

Evolve Dammit

(21,302 posts)
4. As Edward R. Murrow said: "Good night. And good luck." Truer words never spoken. We are needing some luck. BS crazy.
Reply to BumRushDaShow (Original post)
Mon Dec 30, 2024, 07:10 PM
Dec 2024

erronis

(21,704 posts)
13. No, this is the organization that detected the breach - as far as I can tell.
Reply to SupportSanity (Reply #5)
Mon Dec 30, 2024, 07:52 PM
Dec 2024

There is no mention of the vendor who had its software/hardware hacked but frequent candidates are network infrastructure, common "secure" software interconnections (FortiNet), and even software that is supposed to monitor for anomalies.

pimpbot

(1,133 posts)
16. Wrong
Reply to erronis (Reply #13)
Mon Dec 30, 2024, 09:04 PM
Dec 2024

Read the letter posted below in this thread. It explicitly says the Chinese compromised a beyondtrust service and used it to gain access.

usonian

(21,871 posts)
6. Report at DocumentCloud
Reply to BumRushDaShow (Original post)
Mon Dec 30, 2024, 07:19 PM
Dec 2024
https://www.documentcloud.org/documents/25472754-12/

One page only.



Pretty distinctive signature.
Hope Aditi's checkbook doesn't fall to the ground in the same parking lot I'm parked in.

erronis

(21,704 posts)
14. Lots of "switches" here. All the way from the target back through all the suppliers.
Reply to Joinfortmill (Reply #11)
Mon Dec 30, 2024, 07:58 PM
Dec 2024

Each link on the chain can see intrusions (see SolarWinds). To get a product to run on a government system there may be 20-100 (swag) companies involved. The government has no way to audit all of the transactions or verify the final product.

A whole lot has been done in the last 5-10 years through efforts to secure the software and the chains. See CISA. However it's much harder to defend against attack than to be the attacker.

DingleBerryNW

(65 posts)
20. They should've waited...
Reply to BumRushDaShow (Original post)
Mon Dec 30, 2024, 09:50 PM
Dec 2024

Until after the orange one’s inauguration. Trump would have just given the passwords. Saving the hackers countless hours of work….

Response to BumRushDaShow (Original post)

Chin music This message was self-deleted by its author.

wolfie001

(6,356 posts)
23. I had an account when the interest rate was north of 9% and was loving it!
Reply to BumRushDaShow (Original post)
Tue Dec 31, 2024, 08:42 AM
Dec 2024

Of course it was very temporary, but I thought the whole on-line experience was a clunky, 1990s mess. It was a bit shocking really. This whole affair isn't surprising and with the fat orange asshole returning to the WH, things prolly won't get much better with protecting our nation's institutions. Thanks to the stupid half that voted for him or sat on their fucking hands.

IcyPeas

(24,498 posts)
24. Are hackers using AI yet?
Reply to BumRushDaShow (Original post)
Tue Dec 31, 2024, 01:34 PM
Dec 2024

I dread hackers screwing with our power grid. That would be hell.

Reply to this discussion
Latest Discussions»Latest Breaking News»U.S. Treasury says its co...
Home | Latest Discussions | Greatest Discussions | Latest Videos | All Forums

About | Copyright | Privacy | Terms of service | Contact

In Memoriam

© 2001 - 2025 Democratic Underground, LLC. Thank you for visiting.