Thread by @Bing_Chris, EXCLUSIVE: U.S. Treasury breached by hackers backed by foreign government

EXCLUSIVE: U.S. Treasury breached by hackers backed by foreign government - sources https://reut.rs/3oHqLJg

EXCLUSIVE-U.S. Treasury breached by hackers backed by foreign government - sources

A sophisticated hacking group backed by a foreign government stole information from the U.S. Treasury Department and a U.S. agency responsible for deciding policy around the internet and telecommun...

https://reut.rs/3oHqLJg

BREAKING: a highly sophisticated hacking group has stolen emails from Treasury Department and Commerce's NTIA. Other USG agencies are believed to be breached by same group through similar technique.

Hacking operation is so serious that NSC had a recent emergency meeting

Incident comes shortly after Trump administration fired heads of DHS' Cybersecurity Infrastructure Protection Agency. There is also no current top cyber official.

Multiple agencies wrapped up in the investigation.

Keep an eye on story (updating): https://www.reuters.com/article/usa-cyber-amazoncom/exclusive-u-s-treasury-breached-by-hackers-backed-by-foreign-government-sources-idUSL1N2IT0HS

EXCLUSIVE-U.S. Treasury breached by hackers backed by foreign government - sources

https://www.reuters.com/article/usa-cyber-amazoncom/exclusive-u-s-treasury-breached-by-hackers-backed-by-foreign-government-sources-idUSL1N2IT0HS

White House National Security Council comment: https://twitter.com/Bing_Chris/status/1338199885053628420?s=20

https://twitter.com/Bing_Chris/status/1338199885053628420?s=20

updated link: https://www.reuters.com/article/us-usa-cyber-amazon-com-exclsuive/exclusive-u-s-treasury-breached-by-hackers-backed-by-foreign-government-sources-idUSKBN28N0PG

Exclusive: U.S. Treasury breached by hackers backed by foreign government - sources

https://www.reuters.com/article/us-usa-cyber-amazon-com-exclsuive/exclusive-u-s-treasury-breached-by-hackers-backed-by-foreign-government-sources-idUSKBN28N0PG

. @CISAgov comment->confirms breach: “We have been working closely with our agency partners regarding recently discovered activity on government networks. CISA is providing technical assistance to affected entities as they work to identify and mitigate any potential compromises.”

. @nakashimae pushing reporting further. Seems that APT29/Russian intel SVR is behind it: https://www.washingtonpost.com/national-security/russian-government-spies-are-behind-a-broad-hacking-campaign-that-has-breached-us-agencies-and-a-top-cyber-firm/2020/12/13/d5a53b88-3d7d-11eb-9453-fc36ba051781_story.html

Russian government spies are behind a broad hacking campaign that has breached U.S. agencies and a...

The Treasury and Commerce departments are among those compromised, sources say.

https://www.washingtonpost.com/national-security/russian-government-spies-are-behind-a-broad-hacking-campaign-that-has-breached-us-agencies-and-a-top-cyber-firm/2020/12/13/d5a53b88-3d7d-11eb-9453-fc36ba051781_story.html

Hearing that the way that FireEye was hacked is similar to how the government agencies are getting popped. Same group as well: apt29 - Russian intel service SVR https://www.reuters.com/article/us-fireeye-cyber/u-s-cybersecurity-firm-fireeye-discloses-breach-theft-of-hacking-tools-idUSKBN28I31E

U.S. cybersecurity firm FireEye discloses breach, theft of internal hacking tools

FireEye, one of the largest cybersecurity companies in the United States, said on Tuesday that is has been hacked, possibly by a government, leading to the theft of an arsenal of internal hacking...

https://www.reuters.com/article/us-fireeye-cyber/u-s-cybersecurity-firm-fireeye-discloses-breach-theft-of-hacking-tools-idUSKBN28I31E

You can follow @Bing_Chris.

Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled: