U.S. Congressional Budget Office Investigates Cyberattack Incident
Full Transcript
The U.S. Congressional Budget Office has confirmed that it suffered a cybersecurity incident after a suspected foreign hacker breached its network, potentially compromising sensitive data. Caitlin Emma, a spokesperson for the CBO, stated that the agency has identified the security incident and acted promptly to contain the threat.
Emma emphasized that the CBO has implemented additional monitoring and new security controls to protect its systems in the future. The Washington Post reported that officials discovered the breach in recent days and are particularly concerned that emails and exchanges between congressional offices and the CBO's analysts may have been affected.
Some congressional offices have reportedly paused email communications with the CBO due to security concerns. The CBO is a crucial nonpartisan agency that provides economic analysis and cost estimates for proposed legislation, making a breach particularly concerning as it could expose draft reports, economic forecasts, and internal communications.
This incident adds to a troubling trend of cyberattacks targeting government agencies over the past year. In December 2024, the U.S. Treasury Department confirmed a breach linked to the third-party remote support platform, BeyondTrust.
The Committee on Foreign Investment in the United States was also targeted in the same series of attacks. Sources attribute these breaches to the Chinese state-sponsored Advanced Persistent Threat group known as Silk Typhoon.
Silk Typhoon gained notoriety in early 2021 after exploiting zero-day vulnerabilities in Microsoft Exchange Server, affecting approximately 68,500 servers before security patches were implemented. The ongoing investigation into the congressional cyberattack underscores the urgent need for enhanced cybersecurity measures within government institutions to protect sensitive information from foreign threats.
As the CBO continues its work amid this investigation, the cybersecurity landscape remains a critical area of focus for both government and private sector organizations, reflecting the heightened risks they face in an increasingly digital world.