Chinese hackers breached State, Commerce Depts, Microsoft and US say

Published 07/12/2023, 08:03 AM
Updated 07/12/2023, 09:11 PM

By James Pearson and Christopher Bing

WASHINGTON/LONDON (Reuters) - Chinese state-linked hackers since May have secretly accessed email accounts at around 25 organizations, including at least two U.S. government agencies, Microsoft (NASDAQ:MSFT) and U.S. officials said on Wednesday.

The United States detected a breach of federal government accounts "fairly rapidly" and managed to prevent further breaches, White House national security adviser Jake Sullivan said in an interview with ABC's "Good Morning America" program.

The U.S. State and Commerce Departments said in statements that they were among the affected agencies.

The email accounts of Secretary of Commerce Gina Raimondo and Department of State officials were also hacked, The Washington Post reported, citing U.S. officials familiar with the matter.

Raimondo is the only known Cabinet-level official to have their account breached in the incident.

A senior U.S. government official told reporters it would be unfair to compare it to the SolarWinds compromise, a sweeping set of digital break-ins that were disclosed in late 2020 and blamed on Russian cyberspies.

"This intrusion should not be compared to SolarWinds," the official said, calling the recently discovered campaign "much narrower."

The U.S. official said he could not comment on Microsoft's decision to attribute the hack to China.

Microsoft said in a statement that the hacking group - which it dubbed Storm-0558 - forged digital authentication tokens to access webmail accounts running on the firm's Outlook service. The activity began in May, Microsoft said.

"As with any observed nation-state actor activity, Microsoft has contacted all targeted or compromised organizations directly via their tenant admins and provided them with important information to help them investigate and respond," the company added.

Microsoft did not say which organizations or governments had been affected, but added that the hacking group involved primarily targets entities in Western Europe.

China's embassy in London called the accusation "disinformation" and called the U.S. government "the world's biggest hacking empire and global cyber thief." China routinely denies involvement in hacking operations regardless of the available evidence or context.

White House National Security Council spokesman Adam Hodge said an intrusion in Microsoft's cloud security "affected unclassified systems," without elaborating.

"Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service," Hodge added.

The State Department "detected anomalous activity" and "took immediate steps to secure our systems," a department spokesperson said in a statement. The Commerce Department said it took "immediate action" after Microsoft notified it of a compromise.

Private sector cybersecurity experts have said newly discovered hacking activity shows how Chinese groups are improving their cyber capabilities.

"Chinese cyber espionage has come a long way from the smash-and-grab tactics many of us are familiar with," said John Hultquist, chief analyst for U.S. cybersecurity firm Mandiant.
