Chinese hackers breached State, Commerce Depts, Microsoft and US say
Send a link to a friend
[July 13, 2023]
By James Pearson and Christopher Bing
WASHINGTON/LONDON (Reuters) - Chinese state-linked hackers since May
have secretly accessed email accounts at around 25 organizations,
including at least two U.S. government agencies, Microsoft and U.S.
officials said on Wednesday.
The United States detected a breach of federal government accounts
"fairly rapidly" and managed to prevent further breaches, White House
national security adviser Jake Sullivan said in an interview with ABC's
"Good Morning America" program.
The U.S. State and Commerce Departments said in statements that they
were among the affected agencies.
The email accounts of Secretary of Commerce Gina Raimondo and Department
of State officials were also hacked, The Washington Post reported,
citing U.S. officials familiar with the matter.
Raimondo is the only known Cabinet-level official to have their account
breached in the incident.
A senior U.S. government official told reporters it would be unfair to
compare it to the SolarWinds compromise, a sweeping set of digital
break-ins that were disclosed in late 2020 and blamed on Russian
cyberspies.
"This intrusion should not be compared to SolarWinds," the official
said, calling the recently discovered campaign "much narrower."
The U.S. official said he could not comment on Microsoft's decision to
attribute the hack to China.
Microsoft said in a statement that the hacking group - which it dubbed
Storm-0558 - forged digital authentication tokens to access webmail
accounts running on the firm's Outlook service. The activity began in
May, Microsoft said.
"As with any observed nation-state actor activity, Microsoft has
contacted all targeted or compromised organizations directly via their
tenant admins and provided them with important information to help them
investigate and respond," the company added.
[to top of second column]
|
The Microsoft sign is shown on top of
the Microsoft Theatre in Los Angeles, California, U.S. October
19,2018. REUTERS/Mike Blake/File Photo
Microsoft did not say which organizations or governments had been
affected, but added that the hacking group involved primarily
targets entities in Western Europe.
China's embassy in London called the accusation "disinformation" and
called the U.S. government "the world's biggest hacking empire and
global cyber thief." China routinely denies involvement in hacking
operations regardless of the available evidence or context.
White House National Security Council spokesman Adam Hodge said an
intrusion in Microsoft's cloud security "affected unclassified
systems," without elaborating.
"Officials immediately contacted Microsoft to find the source and
vulnerability in their cloud service," Hodge added.
The State Department "detected anomalous activity" and "took
immediate steps to secure our systems," a department spokesperson
said in a statement. The Commerce Department said it took "immediate
action" after Microsoft notified it of a compromise.
Private sector cybersecurity experts have said newly discovered
hacking activity shows how Chinese groups are improving their cyber
capabilities.
"Chinese cyber espionage has come a long way from the smash-and-grab
tactics many of us are familiar with," said John Hultquist, chief
analyst for U.S. cybersecurity firm Mandiant.
(Editing by Alistair Bell and Diane Craft)
[© 2023 Thomson Reuters. All rights
reserved.]This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content.
|