Hackers believed to have stolen Treasury Department's encryption keys, says Sen. Ron Wyden

GettyImages 52182315
Hackers appear to have stolen encryption keys used by the US government, compromising the email accounts of top officials at the Treasury Department.
  • A suspected state-sponsored hack of the US Treasury Department "appears to be significant," Sen. Ron Wyden said Monday.
  • The hackers appear to have stolen "encryption keys" from US government servers, Wyden said.
  • The keys would enable those hackers to gain access to the correspondence of top US officials.
  • Visit Business Insider's homepage for more stories.

Hackers who broke into the US government's computer systems appear to have stolen encryption keys, potentially giving them access to the email accounts of top officials, US Sen. Ron Wyden said Monday.

Following a briefing on the SolarWinds hack - a suspected state-sponsored act of espionage, with fingers pointed at Russia - Wyden issued a statement saying that the hack of the US Treasury Department, in particular, "appears to be significant."

According to department staff, "the agency suffered a serious breach, beginning in July, the full depth of which isn't known," Wyden said. "Microsoft notified the agency that dozens of email accounts were compromised." (Treasury Secretary Steven Mnuchin's account was not among those compromised, The New York Times reported.)

The hackers also infiltrated a Treasury division "home to the department's highest ranking officials," the senator said. 

"Finally, after years of government officials advocating for encryption backdoors, and ignoring warnings from cybersecurity experts who said that encryption keys become irresistible targets for hackers, the [US government] has now suffered a breach that seems to involve skilled hackers stealing encryption keys from USG servers," Wyden said.

A Wyden aide told tech journalist Kim Zetter that, with such keys, "the hackers were able to forge the credentials necessary to gain legitimate access to several Microsoft cloud-hosted email accounts."

Mnuchin, speaking earlier in the day to CNBC, projected calm.

"I can assure you, we are completely on top of this," he said.

"At this point, we do not see any break-in into our classified systems," he told CNBC. "Our unclassified systems did have some access."

The Treasury Department did not immediately return a request for comment on Wyden's remarks.

Have a news tip? Email this reporter: cdavis@insider.com

Read the original article on Business Insider


Contributer : Business Insider https://ift.tt/3nKUQrm
Hackers believed to have stolen Treasury Department's encryption keys, says Sen. Ron Wyden Hackers believed to have stolen Treasury Department's encryption keys, says Sen. Ron Wyden Reviewed by mimisabreena on Tuesday, December 22, 2020 Rating: 5

No comments:

Sponsor

Powered by Blogger.