US Treasury incident a clear warning on supply chain security in 2025 | Computer Weekly

US Treasury incident a clear warning on supply chain security in 2025 | Computer Weekly

Briefly

The recent cyber incident targeting the U.S. Department of the Treasury occurs due to a compromise at a third-party tech support provider, highlighting vulnerabilities in technology supply chains.

ComputerWeekly.comhttps://www.computerweekly.com/news/366617488/US-Treasury-incident-a-clear-warning-on-supply-chain-security-in-2025

The attack by an undisclosed China-backed APT actor emphasizes the importance of securing the technology supply chain, particularly against threats to sensitive governmental operations.

ComputerWeekly.comhttps://www.computerweekly.com/news/366617488/US-Treasury-incident-a-clear-warning-on-supply-chain-security-in-2025

Aditi Hardikar confirmed the compromise on December 8 by a provider, BeyondTrust, which led to unauthorized access to Treasury user workstations and unclassified documents.

ComputerWeekly.comhttps://www.computerweekly.com/news/366617488/US-Treasury-incident-a-clear-warning-on-supply-chain-security-in-2025

The involvement of OFAC in sanctioning malicious actors makes it a prime target, indicative of the broader challenges in safeguarding critical cybersecurity infrastructures.

ComputerWeekly.comhttps://www.computerweekly.com/news/366617488/US-Treasury-incident-a-clear-warning-on-supply-chain-security-in-2025