Follow Olhar Digital on Google Discover
All about united states
The US Congressional Budget Office (CBO) confirmed that it was hacked by as-yet-unidentified attackers. The agency, responsible for providing economic analysis and cost estimates to lawmakers during the federal budget process, said it is conducting an internal investigation and adopting new security measures. The information is from the TechCrunch portal.
According to spokeswoman Caitlin Emma, CBO “identified the security incident, took immediate steps to contain it, and implemented additional controls and controls to protect its systems.” The confirmation followed a report by The Washington Post, which revealed the invasion on Thursday (31).
Foreign hackers may be behind US attack
According to the Washington Post, foreign hackers were responsible for the break-in, raising concerns that internal communications, including emails and records of conversations between lawmakers and CBO investigators, had been accessed.
Reuters also reported that the office of the Senate Sergeant-at-Arms, the legislative security body, warned about the possibility of compromised messages being used in phishing attacks against congressional offices and staff.
It’s not yet known how the attackers gained access to the CBO network, but experts point to known flaws in an old firewall.
Security flaws and suspected firewall vulnerability
Security researcher Kevin Beaumont suggested to Bluesky Network that hackers may have exploited vulnerabilities in an outdated Cisco ASA firewall used by the CBO. According to him, the team had not received recent fixes and remained vulnerable to flaws that were being exploited by hacker groups allegedly linked to the Chinese government.
Beaumont noted that the firewall was active and was not updated until Oct. 1, when the US federal government went into a partial shutdown. After the attack was revealed, the researcher reported that the device was offline.
Read more:
The CBO declined to comment on Beaumont’s findings, and Cisco has not yet responded to requests for clarification on the case. The extent of the leak and the potential compromise of confidential US government information remains under investigation.
