The Treasury Department blamed a cloud computing provider for the disruption of its Web site that provides the Internet face of the Bureau of Engraving and Printing, the agency that prints U.S. currency. A blog Monday reported that the sites were hacked. As of Tuesday afternoon, the bureau’s Web site was inaccessible. On Tuesday, Treasury issued the following statement: “The Bureau of Engraving and Printing (BEP) entered the cloud computing arena last year. The hosting company used by BEP had an intrusion and as a result of that intrusion, numerous websites (BEP and non-BEP) were affected. On May 3, the Treasury Government Security Operations Center was made aware of the problem and subsequently notified BEP. BEP has four Internet address URLs all pointing to one public website. Those URLs are; BEP.gov; BEP.treas.gov; Moneyfactory.gov and Moneyfactory.com. BEP has since suspended the Web site. Through discussions with the provider, BEP is aware of the remediation steps required to restore the site and is currently working toward resolution.” Treasury did not identify the host company. The chief research officer for IT security software vendor AVG wrote in his blog that “for a short while (Monday) a couple of treas.gov websites were hacked, and were reaching out to an attack site in Ukraine.” He added: “They had been script injected with the line of code. BTW, you should not mess with the attack site. It was dead earlier (Monday), but could easily come back to life.”

Tweet your comments on cloud computing as the concept gains traction in the security industry. Tweet to http://twitter.com/securitymag

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 October

This month in Security magazine, we explore how Corning's global security group ensured business continuity and employee safety during the global COVID-19 pandemic. Also, we highlight the global security team at Uber and their recent security programs and initiatives. Industry experts discuss travel safety programs, career hackers, working for terrible bosses, group attribution error and more.

View More Create Account

How Safe is Cloud Computing? Don’t Ask the Treasury Department

Blog Topics

Security Blog

On the Track of OSAC

Recent Comments

Insufficient information

Thankyou so much for sharing such an informative...

I just wish my mechanical lock had a...

security

Security

Blog Roll

Security Industry Association

Security Magazine's Daily News

SIA FREE Email News

SDM Blog