47

US Treasury says Chinese hackers stole documents in 'major incident'(www.reuters.com)

posted
by
Avatar
Rapidcreek@lemmy.world
in
Avatar
politics@lemmy.world
9 comments
hidereport
Sort:
HotTopControversialNewOld
Avatar
Optional@lemmy.world
25 points

. . .hackers “gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users. With access to the stolen key, the threat actor was able to override the service’s security, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users.”

Hey let’s store the nation’s critical infrastructure documents on Jeff Bezos’ computers! Yay! What a cost savings that will be. And why not send all government communications through Microsoft?! Boy what a load off that will be.

permalink
report
reply
Avatar
CharlesDarwin@lemmy.world
6 points

FACEPALM. I still don’t know how AWS, et al, did it, but they have convinced a whole shit-ton of people to believe that using their “cloud” is not only as secure as building and maintaining their own infrastructure, they’ve convinced a lot of people it’s more secure. Because “core competencies”, etc…yeah, let’s de-skill a whole lot of IT people by learning only certain vendor dashboards and think that’s going to work out long term for things like security, DR, BC…

It’s kinda dumb when really, really big tech companies do this, it’s even stupider if government agencies fall for it…

permalink
report
parent
reply
Avatar
phoneymouse@lemmy.world
17 points

Maybe it’s time for the US govt to start paying high enough wages to recruit tech talent.

permalink
report
reply
Avatar
Bronzebeard@lemm.ee
9 points

It’s weird how, despite the feds being the ones who push security requirements onto the states, the states often have better security in place than the people making the rules…wtf

permalink
report
reply
Avatar
Rapidcreek@lemmy.worldOP
10 points

First of all, I’m not buying that states have better security. But, most of all I’d say that the US government have much larger networks with much more important data. Which is what the hackers want.

permalink
report
parent
reply
Avatar
JWBananas@lemmy.world
2 points

They were breached via a compromised security vendor

permalink
report
parent
reply
Avatar
Bronzebeard@lemm.ee
1 point

And why would that security vendor have access to actual documents? Opsec failed.

permalink
report
parent
reply
Avatar
JWBananas@lemmy.world
0 points

They didn’t. They had access to workstations which were then compromised in turn.

permalink
report
parent
reply
Avatar
Rapidcreek@lemmy.worldOP
4 points

The Boyz from Beijing are at it again

permalink
report
reply

politics

!politics@lemmy.world

Create post

Welcome to the discussion of US Politics!

Rules:

  1. Post only links to articles, Title must fairly describe link contents. If your title differs from the site’s, it should only be to add context or be more descriptive. Do not post entire articles in the body or in the comments.

Links must be to the original source, not an aggregator like Google Amp, MSN, or Yahoo.

Example:

  1. Articles must be relevant to politics. Links must be to quality and original content. Articles should be worth reading. Clickbait, stub articles, and rehosted or stolen content are not allowed. Check your source for Reliability and Bias here.
  2. Be civil, No violations of TOS. It’s OK to say the subject of an article is behaving like a (pejorative, pejorative). It’s NOT OK to say another USER is (pejorative). Strong language is fine, just not directed at other members. Engage in good-faith and with respect! This includes accusing another user of being a bot or paid actor. Trolling is uncivil and is grounds for removal and/or a community ban.
  3. No memes, trolling, or low-effort comments. Reposts, misinformation, off-topic, trolling, or offensive. Similarly, if you see posts along these lines, do not engage. Report them, block them, and live a happier life than they do. We see too many slapfights that boil down to “Mom! He’s bugging me!” and “I’m not touching you!” Going forward, slapfights will result in removed comments and temp bans to cool off.
  4. Vote based on comment quality, not agreement. This community aims to foster discussion; please reward people for putting effort into articulating their viewpoint, even if you disagree with it.
  5. No hate speech, slurs, celebrating death, advocating violence, or abusive language. This will result in a ban. Usernames containing racist, or inappropriate slurs will be banned without warning

We ask that the users report any comment or post that violate the rules, to use critical thinking when reading, posting or commenting. Users that post off-topic spam, advocate violence, have multiple comments or posts removed, weaponize reports or violate the code of conduct will be banned.

All posts and comments will be reviewed on a case-by-case basis. This means that some content that violates the rules may be allowed, while other content that does not violate the rules may be removed. The moderators retain the right to remove any content and ban users.

That’s all the rules!

Civic Links

Register To Vote

Citizenship Resource Center

Congressional Awards Program

Federal Government Agencies

Library of Congress Legislative Resources

The White House

U.S. House of Representatives

U.S. Senate

Partnered Communities:

News

World News

Business News

Political Discussion

Ask Politics

Military News

Global Politics

Moderate Politics

Progressive Politics

UK Politics

Canadian Politics

Australian Politics

New Zealand Politics

Community stats

  • 10K

    Monthly active users

  • 12K

    Posts

  • 218K

    Comments

Community moderators