CISA: No Evidence of Widespread Government Hack Beyond Treasury

Recent Cyberattack on U.S. Treasury Department: No Indication of Wider Federal Agency Compromise

According to a statement released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday, there is currently no evidence suggesting that any other U.S. federal agencies experienced a security breach during the recent cyberattack targeting the U.S. Treasury Department.

Details of the December Breach

The Treasury Department publicly acknowledged the security incident on December 30th. Investigations attributed the intrusion to actors believed to be affiliated with the Chinese government.

Access was gained to Treasury employee workstations, and unclassified documents were accessed by the attackers. The department informed U.S. lawmakers that the hackers leveraged a private key obtained from a technology vendor, BeyondTrust.

This key is utilized by the Treasury for providing remote technical assistance. The method by which the BeyondTrust key was compromised remains under investigation.

Reports indicate that the hackers specifically focused their efforts on the Treasury’s office responsible for administering global sanctions.

China's Response

A representative of the Chinese government stationed in Washington, D.C., has previously refuted the accusations of involvement in the cyberattack.

CISA's Ongoing Monitoring

CISA affirmed in its statement that it is actively monitoring the situation and collaborating with relevant federal entities to ensure a thorough and coordinated response to the attack on the Treasury.

The agency is committed to maintaining a comprehensive security posture following this incident.