The U.S. Treasury was hacked by a state-sponsored Chinese group in which a BeyondTrust API key was hacked. The result? A compromise of Treasury workstations and the theft of classified documents.The news comes via a report by SCMedia.
In a letter to a Senate committee, a Treasury official said that on December 8 Beyond Trust notified the Treasury that the threat actor used the stolen key to access the department’s systems. This incident joins a growing list of attacks on technology companies, including Okta, LastPass, SolarWinds, and Snowflake, SCMedia reports.
The Treasury Department will offer more information about the incident in its 30-day follow-up report later this month.
Got news or tips to share with us? Please send them to [email protected]
Today’s MSSP Update
1. Cybersecurity services conference - Right of Boom will be returning to the MGM Grand in Las Vegas, February 19-21. The event is aimed at security-focused MSPs and will feature a Capture the Flag competition with $10,000 in prizes, sponsored by Huntress and other cybersecurity vendors.
2. Cybersecurity changes in 2025 - States are expected to take the lead in legislation and regulations for cybersecurity and data privacy in 2025, filling gaps that are likely to be left by the new Republican leaders at the federal level, according to a report by Law360.
3. The operation technology cyber opportunity - The operational technology cybersecurity market was valued at $20.7 billion in 2024 and is expected to grow at a compound annual growth rate of 16% through 2032 to reach $70.6 billion, according to Business Insights Research.
4. New IT and cyber consulting firm launches - IT Leader Scott Strahler has launched Helix Tech Consulting, an IT consulting firm with a specialty in cybersecurity. The Philadelphia-area company is focused on helping companies protect their digital assets and optimize their technology investments.
5. Top cybersecurity vendors - Canalys is forecasting that four out of the following eight vendors will be the leading enterprise cybersecurity platforms: Cisco, Crowdstrike, Google, Fortinet, Microsoft, SentinelOne, Palo Alto Networks, Trend Micro.
6. Why you need to partner - Canalys also predicts that channel partners will outsource between five and seven of their current services to fellow partners (or vendors). That means that MSSPs and MSPs don’t need to do it all. But to provide the best level of services to your customers, you should have a go-to list of partner contacts that offer the services that you don’t.
