Foreign state hackers reportedly breached the US Treasury (updated)

The internet-focused NTIA was also a target.

Sponsored Links

WASHINGTON, May 21, 2020 -- Photo taken on May 21, 2020 shows the U.S. Treasury Department building in Washington D.C., the United States. U.S. Treasury Secretary Steven Mnuchin said Thursday that the administration will carefully review the economic situation in the next few weeks, and that he thinks there is a "strong likelihood" the country will need another COVID-19 relief bill. (Photo by Ting Shen/Xinhua via Getty) (Xinhua/ via Getty Images)
Ting Shen/Xinhua via Getty Images

Foreign hackers may be running rampant in the US government. Reuters sources said a group backed by a foreign government stole data from the Treasury Department and the internet policy-focused NTIA. While details are still limited, it was reportedly serious enough to prompt a National Security Council meeting at the White House on December 12th. Reporter Chris Bing said on Twitter that the attackers took emails from both agencies.

Intelligence officials were concerned that the hackers used a similar method to breach other government bodies, the tipsters said. There weren’t any clues as to who was responsible.

National Security Council spokesman John Ullyot didn’t directly confirm the hacks, but said the government was “aware” of reports and was “taking all necessary steps” to pinpoint and resolve any security issues.

Regardless of how sensitive the data was, the apparent incidents would represent serious violations of government security. It’s also not a good look for the current US administration. As Bing noted, this came just weeks after President Trump fired election cybersecurity director Chris Krebs for publicly debunking unsupported claims about voting system fraud. There isn’t a top cybersecurity official, either. Simply speaking, it comes at a moment when US leadership against these kinds of attacks is at a low point.

Update 12/13 5:30PM ET: The Washington Post’s connections claim Russia’s APT29, also known as Cozy Bear, is linked to the Treasury and NTIA hacks. The state-backed group targeted the White House and State Department during President Obama’s tenure, and has been tied to attempts to steal COVID-19 vaccine research. The hacking campaign has supposedly been running for months.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget