Friday, September 29, 2023
HomeWorld NewsUS Government Email Breach Enabled by Chinese Hack of Microsoft Engineer

US Government Email Breach Enabled by Chinese Hack of Microsoft Engineer

The recently uncovered Chinese hack of hundreds of thousands of emails from top U.S. officials began with the breach of a Microsoft engineer’s account, the company stated on Sept. 6.

The Chinese hacking group, which Microsoft dubbed Storm-0558, penetrated the engineer’s account, giving it access to a cryptographic key that the group later used to break into the U.S. government accounts, Microsoft said in a blog post after a months-long investigation.

The revelation offered details on a Chinese state-sponsored cyberattack that alarmed Washington, which spanned 25 organizations and affected the State and Commerce departments, as well as at least one lawmaker and a Washington think tank.

Related Stories

Among the individuals whose email systems were breached were Commerce Secretary Gina Raimondo, U.S. Ambassador to China Nicholas Burns, and Assistant Secretary of State for East Asia Daniel Kritenbrink. Rep. Don Bacon (R-Neb.) said in August that he was also a victim of the hacking campaign.

Microsoft stated that the Chinese hackers had likely exploited the crash of the company’s internal system in April 2021 that leaked the key, which the engineer’s corporate account had access to. The hacker group subsequently forged credentials to compromise Microsoft’s Outlook on the web and Outlook systems. The tech giant stated that it has corrected the technical vulnerabilities.

The hacking attempt surfaced at a sensitive time. The investigation began the same day that Secretary of State Antony Blinken headed to China to engage with senior Chinese officials, the highest-ranking official under the Biden administration to do so. CNN, citing two unnamed U.S. officials, reported in July that the Biden administration believes that the hacking operation had given Beijing clues about U.S. thinking ahead of the U.S. visit.

Concerns over the hack in August led the House Committee on Oversight and Accountability to request a briefing with Mr. Blinken and Ms. Raimondo to learn about the impact of the cyberattacks on their institutions.
In July, Sen. Mark Warner (D-Va.), chairman of the Senate Select Committee on Intelligence, said the hack demonstrates the urgency for the U.S. government and the private sector to closely coordinate to counter the Chinese threats. It’s clear that Beijing is “steadily improving its cyber collection capabilities directed against the U.S. and our allies.”

The breach also called attention to Microsoft’s security system. The Department of Homeland Security’s Cyber Safety Review Board, a panel of government and industry experts, has launched a probe to examine the potential systemic risk in cloud computing.

The Microsoft breach represents only a drop in the cyberattacks from China.

Cybersecurity firm Mandiant stated in June that state-backed Chinese hackers had exploited a loophole to intrude into the networks of hundreds of public and private sector organizations around the globe—a third of the breach involved government agencies.

Cyber Espionage

Microsoft and various cybersecurity agencies under the Five Eyes alliance in May also warned about malicious activities from Chinese cyber espionage group Volt Typhoon targeting a wide range of networks across U.S. critical infrastructure.

According to Microsoft, these hackers attempted to “disrupt critical communications infrastructure between the United States and Asia region during future crises,” including manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.

The company also noted the risk for military facilities in Guam in the Western Pacific that are key in responding to conflicts in the Asia-Pacific region.

“It’s a fairly rare thing to put out something like this so publicly and, of course, it runs a risk of frightening people, and we probably have good reasons to be frightened,” Thomas Patrick Keenan, a professor at the University of Calgary, told The Epoch Times earlier.

Ms. Raimondo said she has challenged Chinese officials over the email hacking during her trip to China.

“I was very clear, direct, and firm in all of my conversations with my Chinese counterparts. I didn’t pull any punches. I didn’t sugarcoat anything, and no one is more realistic than I am about the challenges as it relates to the hack,” she told CNN’s State of the Union.

The operation “erodes trust,” according to Ms. Raimondo.

“I wanted to be clear

Source link

I'm TruthUSA, the author behind TruthUSA News Hub located at With our One Story at a Time," my aim is to provide you with unbiased and comprehensive news coverage. I dive deep into the latest happenings in the US and global events, and bring you objective stories sourced from reputable sources. My goal is to keep you informed and enlightened, ensuring you have access to the truth. Stay tuned to TruthUSA News Hub to discover the reality behind the headlines and gain a well-rounded perspective on the world.
- Advertisment -

Most Popular

Recent Comments