Chinese hackers breach US Treasury computers

Live Fox News (Youtube) ^ | 12/21/24

[EBH]

The US Treasury says Chinese hackers stole major documents in a computer breach.

The hackers compromised third-party cybersecurity service provider BeyondTrust and were able to access unclassified documents, the letter said.

[EBH]

Good job Yellen.

[EBH]

They gained access to a security key, which is the biggest concern, and accessed the information like they were remotely logging in from home. They didnt break down firewalls and bypass security. Now is a question as to what level of clearance that key had access to and then how they gained access to the key.

[dayglored]

> Now is a question as to ... how they gained access to the key.

My bet is good old human engineering, via a phishing or similar attack on an employee.

I receive no less than 20 emails plus a few text messages EVERY DAY that are malware looking to gain access to my or my company's private data.

Extreme caution bordering on paranoia is appropriate. 24x7.

[McCarthysGhost]

Were they just given the key by our own government and now the government needs a cover story to explain China’s unfettered access.

[EBH]

This is possibly a good reason government workers need to work in an office, not from home!

Second, they recently told the nation (but more specifically) government staff to not be texting on unsecure networks as phones were being targeted.

I know lots of people keep their passwords in the notes file on their phones, cloud etc. Plus those devices can spy on you once hacked into via Verizon/ATT recall that incident?

Some how they got the passkey, gee was it taped up on someone’s laptop?

personally...I think it was the Biden regime and a payoff of some sort.

Golly, I have dislike democrats for a long time but right now I hate them like the enemies and useful idiots they are. God forgive me, but they cannot be trusted.

[ncalburt]

Pres Jill just paying back her CCP bosses for the last four years .

[norsky]

Beyond Trust?

[ronnie raygun]

yellan didnt see it, it was over her head

[Sooth2222]

The hackers compromised third-party cybersecurity service provider BeyondTrust and were able to access unclassified documents, the letter said.

"Third party cybersecurity service provider BeyondTrust"?

I'm old enough to remember when the US could win wars, and didn't leave astronauts marooned in orbit.

[AndyJackson]

And yet we have armies of H1B cyber experts locking down everything we own. How is this possible when we are importing the best and brightest talent from around the world to keep this from happening.

The problem is that real cybersecurity would be easy. The powers that be think they don't want it.

[The Duke]

"I know lots of people keep their passwords in the notes file on their phones, cloud etc."

I store my passwords locally, but encrypted using the gVim text editor. I have it use the 'blowfish2' algorithm. This is a nice approach because it's just freeform text, so I can store virtually any info that I want to protect.

The only downside was that I became an instant nerd when I started using gVim, and now the women won't look at me.

[bgill]

Are they really hackers since they created the whole program so held the original key?