Chinese Hackers Target 25 Organisations, Including US Government
Chinese state-linked hackers have infiltrated approximately 25 organisations, including two US government agencies, Microsoft reveals.
Chinese state-linked hackers have gained unauthorized access to email accounts belonging to around 25 organisations, including at least two US government agencies, according to statements made by Microsoft and US officials on Wednesday. The breach, detected since May, involved the forging of digital authentication tokens by the hacking group known as Storm-0558, targeting webmail accounts running on Microsoft's Outlook service. The US State and Commerce Departments confirmed their agencies were affected, but the scale of the breach remains unclear.
In an interview with ABC's "Good Morning America" program, White House national security adviser Jake Sullivan acknowledged the breach of federal government accounts but emphasized that the US authorities acted swiftly to prevent further intrusions. Sullivan stated that the breach was of a "much narrower" scope than the SolarWinds compromise reported in late 2020, which was attributed to Russian cyberspies.
Microsoft, in their statement, revealed that they had directly contacted the targeted organisations to provide assistance in investigating and responding to the breach. However, the company did not disclose the names of the affected entities but stated that Storm-0558 primarily targets organizations in Western Europe.
China's embassy in London dismissed the accusations as "disinformation" and labeled the US government as the "world's biggest hacking empire and global cyber thief." Denying involvement, China routinely refutes claims of its participation in hacking operations, regardless of the evidence or context available.
The White House National Security Council spokesperson, Adam Hodge, mentioned that the intrusion in Microsoft's cloud security only affected unclassified systems, without providing further details. The US State Department and Commerce Department took immediate action to secure their systems after detecting anomalous activity and being alerted by Microsoft.
Cybersecurity experts in the private sector highlight that this recent hacking activity demonstrates the continuous improvement of Chinese cyber espionage capabilities. John Hultquist, the chief analyst for US cybersecurity firm Mandiant, remarked that Chinese groups have evolved from simple tactics to sophisticated cyber operations.
Chinese state-linked hackers have accessed email accounts at approximately 25 organisations, including two US government agencies.
The breach involved the use of forged digital authentication tokens by the hacking group Storm-0558, targeting Microsoft Outlook service.
The US State and Commerce Departments confirmed their agencies were affected, but the full extent of the breach remains unclear.