Department of Treasury Web Site Hacked

Hackers redirected visitors to a malicious site until the agency took the infected site down.

J. Nicholas Hoover, Senior Editor, InformationWeek Government

May 5, 2010

2 Min Read
Dark Reading logo in a gray background | Dark Reading

A Department of Treasury Web site hosted by a third party was hacked on Monday, for a short while redirecting visitors to a malicious site in Ukraine and later tracking IP addresses before the Department of Treasury took the site offline.

The main Web site of the Treasury division that prints U.S. paper currency, the Bureau of Engraving and Printing, remained down as of Wednesday morning, presenting would-be visitors with a 404 "not found" error at each of the four URLs that point to the page, bep.gov, bep.treas.gov, moneyfactory.gov, and moneyfactory.com.

The hack was first noticed Monday by anti-malware company AVG, whose chief research officer Roger Thompson said in a blog that the hack was an indication that "anyone can get hacked."

Cisco's ScanSafe tracked the attack to a Web site that attempts to exploit numerous vulnerabilities in Adobe Reader, Adobe Acrobat, Internet Explorer, Microsoft Office, Symantec AppStream, and other applications, and said that the malicious site has targeted sites hosted by Network Solutions and GoDaddy.

The Department of Treasury did not identify the provider that hosted the Bureau of Engraving and Printing Web site, but did acknowledge in a statement that it "entered the cloud computing arena last year."

The attack is bound to raise concerns about federal agencies' abilities to secure data hosted by third-party service providers. Security remains one of the biggest concerns in government circles as the Obama administration makes an aggressive push for federal agencies to begin adopting cloud computing services. The attack may also be used as a tool by legislators and policy makers to demand tighter security requirements.

It's unclear when the bureau's Web site will go back online, but the agency said that it is "aware of the remediation steps required to restore the site and is currently working toward resolution."

About the Author

J. Nicholas Hoover

Senior Editor, InformationWeek Government

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights