Recent Developments
Microsoft has revealed that China-based hackers have successfully breached the email accounts of approximately 25 U.S. organizations, including government agencies. While Microsoft did not disclose the specific locations of the targeted government agencies, the U.S. Department of Commerce confirmed that it was notified about the attack.
Various sources confirmed that Secretary of Commerce Gina Raimondo was among those affected by the breach. The State Department, another potential target, has not yet responded to requests for comment. The Chinese embassy in London dismissed the accusation as “disinformation” and criticized the U.S. government as the “world’s biggest hacking empire and global cyber thief.”
Responsibility for the attack
Microsoft identified the hacking group responsible as Storm-0558, stating that the group primarily focuses on espionage, data theft, and credential access, targeting government agencies in Western Europe.
The breaches began in mid-May, but Microsoft claims to have mitigated the attack and contacted affected customers. The company implemented enhanced automated detection measures and found no evidence of further access.
Another similar incident
In a separate incident in May, Microsoft and Western spy agencies reported that Chinese hackers had deployed stealthy malware to attack critical infrastructure on U.S. military bases in Guam. This campaign was considered one of the largest cyber espionage operations against the U.S. China, however, labelled the Microsoft report as “highly unprofessional” and “disinformation.” China consistently denies involvement in hacking operations, disregarding available evidence and context.
In a blog post on Tuesday, Microsoft disclosed that a China-based hacking group, known as Storm-0558, had successfully gained access to email accounts linked to 25 organizations, including government agencies in Western Europe. The breach was discovered after customers reported unusual email activity. Microsoft’s executive vice president of security, Charlie Bell, stated that the group’s focus appeared to be espionage and intelligence gathering. U.S. officials also claimed that Storm-0558 breached unclassified email accounts associated with the U.S. government.
China’s response
China responded to the accusation by alleging that it was disinformation aimed at diverting attention from U.S. cyberattacks on China. The hackers utilized forged authentication tokens to access email accounts, according to Microsoft. The company stated that it has addressed the attack and notified affected customers. Microsoft is collaborating with various agencies, including the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency, to enhance defences against such attacks.
Chinese Foreign Ministry spokesman Wang Wenbin dismissed the accusation and emphasized that the United States is the world’s largest hacker empire engaged in cyber theft. Wang also pointed out that China and other countries have repeatedly exposed cyberattacks by the U.S. government on China, with no response from the U.S.
US’s stance
The investigation into the breach is ongoing, according to U.S. National Security Adviser Jake Sullivan. He assured that swift action was taken to prevent further breaches, and further information is being gathered in consultation with Microsoft. Updates will be provided to the public as more details emerge.
Chinese hackers breached the email accounts of Commerce Secretary Gina Raimondo and other officials from the State and Commerce Departments before Secretary of State Antony J. Blinken’s trip to Beijing in June, according to U.S. officials. The investigation is ongoing, but officials downplayed the theft of sensitive information, stating that no classified email or cloud systems were compromised. The intrusion was initially discovered by the State Department’s cybersecurity team. Raimondo was among the targets, but she was likely the only cabinet-level official successfully hacked.
The attack focused on individual email accounts rather than large-scale data exfiltration. The U.S. government has not formally attributed the attack to China, but officials privately agree with Microsoft’s attribution of the hack to China. The breach is seen as a sophisticated, government-backed attack. The U.S. and China are engaged in an escalating intelligence competition, prompting a robust investigation to address vulnerabilities. The State Department has been targeted by foreign government hacking in the past, particularly by Russian intelligence.