Hackers related to China's authorities efficiently breached US Treasury

Axios with the info (may be gated):

Hackers connected to China’s government successfully breached several Treasury Department workstations and accessed unclassified documents, according to a letter to Congress on Monday.

• The hackers, which Treasury has linked to an unspecified Chinese state-sponsored hacking group, gained access to Treasury’s networks via software service provider BeyondTrust
• Chinese hackers stole a key that BeyondTrust uses to “secure a cloud-based service used to remotely provide technical support” for several Treasury Department users.
• The hackers were able to leverage that access to override BeyondTrust’s security controls and access unclassified documents.
• A Treasury spokesperson said in a statement to Axios that the “compromised BeyondTrust service has been taken offline” and there is “no evidence indicating a threat actor has continued access to Treasury systems or information.”

China – US war continues (cold one at this stage, but still).

This article was written by Eamonn Sheridan at www.forexlive.com.