According to Microsoft, Chinese hackers hacked into government email accounts.
Microsoft disclosed Tuesday night that Chinese hackers with the intent of gathering intelligence on the United States obtained access to government email accounts.
According to a person apprised of the intrusion into government networks, the attack was targeted, with hackers going after specific accounts rather than conducting a broad-brush intrusion that would consume massive quantities of data. National Security Council spokesman Adam Hodge stated that no classified networks had been compromised. An evaluation of how much information was collected is continuing.
Microsoft reported that approximately 25 organizations, including government agencies, had been compromised by a cyber group that used counterfeit authentication tokens to gain access to individual email accounts. Microsoft stated that hackers had access to at least some accounts for a month before the intrusion was discovered. It did not identify the affected organizations and agencies.
The sophistication and specificity of the attack indicate that the Chinese cyber group was either a part of Beijing’s intelligence service or was working for it. “We assess this adversary is focused on espionage, such as gaining access to email systems for intelligence collection,” Charlie Bell, an executive vice president at Microsoft, wrote in a blog post on Tuesday evening.
Although the breach appeared to be on a much smaller scale than recent intrusions such as the SolarWinds hack by Russia in 2019 and 2020, it threatened to further strain relations between the United States and China, as it could provide useful information to the Chinese government and its intelligence services.
Mr. Hodge stated that the vulnerability exploited by the hackers appeared to be in Microsoft’s cloud security, and that the U.S. government promptly notified the company.
A person briefed on the intrusion stated that the attack revealed a significant cybersecurity breach in Microsoft’s defenses and raised serious concerns about the security of cloud computing within the government. The government has been migrating data to the cloud, which promises enhanced information accessibility and security because it is quicker to deploy patches for vulnerabilities. The United States also employs classified cloud servers, but their security protocols are more stringent.
According to the individual apprised of the intrusion, government security requirements should have prevented the breach, and Microsoft has been urged to provide additional information about the vulnerability.
Mr. Hodge stated, “We continue to hold the government’s procurement providers to a high security standard.”
The intrusion occurs at a delicate time in U.S.-Chinese relations, as the Biden administration seeks to defuse tensions that have been exacerbated in recent months by incidents such as the passage of a Chinese surveillance balloon over the United States. Criticism that the Biden administration is not doing enough to deter Chinese espionage could increase.
Cliff Sims, a former spokesman for the director of national intelligence in the Trump administration, stated that China was emboldened as a result of President Biden’s failure to confront Beijing regarding its efforts to influence recent elections.
Before taking action, we must have serious conversations about the level of espionage we will tolerate, according to Mr. Sims.
In a blog post, Mr. Bell stated that those affected by the breach had been notified and that the company had completed mitigation efforts. According to the person apprised of the intrusion, government officials continue to request more information from the company about the vulnerability and how it was exploited.
Microsoft stated that it was informed of the breach and intrusion on June 16. The Chinese espionage group first obtained access to email accounts on May 15, according to the company’s blog post.
Microsoft did not disclose the number of accounts it believes were compromised by the Chinese hackers.
China has one of the world’s most aggressive and proficient intelligence espionage operations.
Beijing has conducted a series of successful cyberattacks that have resulted in the theft of vast quantities of government data over the years. In 2015, the Office of Personnel Management was the victim of a massive data intrusion allegedly perpetrated by hackers affiliated with China’s foreign intelligence service.
During the Trump administration, Russian intelligence agencies exploited a software flaw to obtain access to thousands of computer systems, including those of numerous government agencies. The breach was named after the network management software that Russian intelligence agencies used to gain access to computers worldwide.