US says Chinese hackers breach state department’s email accounts
12 July 2023 - 23:57
byChristopher Bing and James Pearson
Support our award-winning journalism. The Premium package (digital only) is R30 for the first month and thereafter you pay R129 p/m now ad-free for all subscribers.
Washington — Chinese state-linked hackers have secretly accessed email accounts at about 25 organisations, including US government accounts, in a cyberspying campaign since May, Microsoft and US officials said on Wednesday.
The US detected a breach of federal government accounts “fairly rapidly” and managed to prevent further breaches, White House national security adviser Jake Sullivan told ABC.
The US state department was one of the affected government agencies, according to a person familiar with the investigation who spoke on condition of anonymity.
The hacking group, which Microsoft calls Storm-0558, forged digital authentication tokens to access webmail accounts running on the firm’s Outlook service via the cloud service, the company said in a statement. The activity began in May, Microsoft said.
“As with any observed nation-state actor activity, Microsoft has contacted all targeted or compromised organisations directly via their tenant admins and provided them with important information to help them investigate and respond,” the company added.
Microsoft did not say which organisations or governments had been affected, but added that the hacking group involved primarily targets entities in Western Europe.
China’s embassy in London called the accusation “disinformation” and called the US government “the world’s biggest hacking empire and global cyber thief”.
China routinely denies involvement in hacking operations regardless of the available evidence or context.
White House National Security Council spokesperson Adam Hodge said an intrusion in Microsoft’s cloud security “affected unclassified systems”, without elaborating.
“Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service,” Hodge added.
The state department “detected anomalous activity” and “took immediate steps to secure our systems”, a department spokesperson said in a statement.
Private sector cybersecurity experts have said newly discovered hacking activity shows how Chinese groups are improving their cyber capabilities.
“Chinese cyber espionage has come a long way from the smash-and-grab tactics many of us are familiar with,” said John Hultquist, chief analyst for US cybersecurity firm Mandiant.
Support our award-winning journalism. The Premium package (digital only) is R30 for the first month and thereafter you pay R129 p/m now ad-free for all subscribers.
US says Chinese hackers breach state department’s email accounts
Washington — Chinese state-linked hackers have secretly accessed email accounts at about 25 organisations, including US government accounts, in a cyberspying campaign since May, Microsoft and US officials said on Wednesday.
The US detected a breach of federal government accounts “fairly rapidly” and managed to prevent further breaches, White House national security adviser Jake Sullivan told ABC.
The US state department was one of the affected government agencies, according to a person familiar with the investigation who spoke on condition of anonymity.
The hacking group, which Microsoft calls Storm-0558, forged digital authentication tokens to access webmail accounts running on the firm’s Outlook service via the cloud service, the company said in a statement. The activity began in May, Microsoft said.
“As with any observed nation-state actor activity, Microsoft has contacted all targeted or compromised organisations directly via their tenant admins and provided them with important information to help them investigate and respond,” the company added.
Microsoft did not say which organisations or governments had been affected, but added that the hacking group involved primarily targets entities in Western Europe.
China’s embassy in London called the accusation “disinformation” and called the US government “the world’s biggest hacking empire and global cyber thief”.
China routinely denies involvement in hacking operations regardless of the available evidence or context.
White House National Security Council spokesperson Adam Hodge said an intrusion in Microsoft’s cloud security “affected unclassified systems”, without elaborating.
“Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service,” Hodge added.
The state department “detected anomalous activity” and “took immediate steps to secure our systems”, a department spokesperson said in a statement.
Private sector cybersecurity experts have said newly discovered hacking activity shows how Chinese groups are improving their cyber capabilities.
“Chinese cyber espionage has come a long way from the smash-and-grab tactics many of us are familiar with,” said John Hultquist, chief analyst for US cybersecurity firm Mandiant.
Reuters
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.
Most Read
Related Articles
China rebukes Nato’s Asia-Pacific expansion
Strong anti-China sentiment in the US could foil easing of Trump-era tariffs on ...
UK-China relations hit wall over embassy row
China and Solomon Islands sign police co-operation deal
Female economists in China who met Janet Yellen called ‘traitors’ and ‘radical ...
PETER APPS: Questions over how long US leadership in Nato will last
Published by Arena Holdings and distributed with the Financial Mail on the last Thursday of every month except December and January.