Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
“I can’t believe we’re seeing injectable vulnerabilities in 2024 in any product, let alone a remote security product that’s supposed to be advanced for use by the US government,” said Jake Williams, vice president of research and development at cybersecurity consultant Hunter Strategy and former NSA hacker. “These are some of the easiest bugs to identify and fix right now.”
BeyondTrust is an authorized vendor of the “Federal Risk and Authorization Management Program”, but Williams thinks it is possible that the Treasury was using a non-FedRAMP cloud version of the company’s Remote Support and Privileged Remote Access. If the breach also affected FedRAMP’s authorized cloud infrastructure, Williams says, “it could be the first breach and probably the first time FedRAMP’s cloud infrastructure has been misused to facilitate remote client access.”
The breach comes as US officials did fighting a massive espionage campaign hacking of US telecoms allegedly by a Chinese terrorist group known as Salt Typhoon. White House officials he told reporters On Friday, the Salt Storm knocked out nine US telephone lines.
“We wouldn’t leave our homes, our offices, unlocked and our most important devices – the private companies that own our most important devices – often don’t have cyber security measures in place that can make our infrastructure dangerous, expensive, and difficult. states and terrorists to attack,” Anne Neuberger, deputy national security adviser for cyber and emerging technologies, said Friday.
Treasury, CISA, and FBI officials did not respond to WIRED’s questions about whether the actor who breached Treasury was specifically Salt Storm. Treasury officials said in a briefing to Congress that they would provide details of the incident in the department’s 30-day notification report. As more information continues to emerge, Hunter Strategy’s Williams says the scope and scale of the breach may be greater than meets the eye.
“I hope that the results will be greater than finding a few unpublished articles,” he says.
