Page Nav



Classic Header


Breaking News:


Chinese hackers exploit Microsoft cloud bug to raid US government email accounts, including the Commerce Secretary’s

  The email accounts of multiple senior United States government officials, including Secretary of Commerce Gina Raimondo,  have been hacked...

 The email accounts of multiple senior United States government officials, including Secretary of Commerce Gina Raimondo, have been hacked by a group suspected of being backed by the Chinese Communist Party in Beijing.

The hacking group, known as Storm-0558, compromised at least 25 email accounts, including that of Raimondo, multiple Department of State officials and several government agencies.  

A statement from Microsoft indicated that the hacking group forged digital authentication tokens to access the email accounts through the company's email and personal information management software, Outlook. The hacks allegedly started in May.

"As with any observed nation-state actor activity, Microsoft has contacted all targeted or compromised organizations directly via their tenant admins and provided them with important information to help them investigate and respond," said Microsoft in a statement. This statement did not divulge which other government agencies or officials had been affected by the hack.

"We assess this adversary is focused on espionage, such as gaining access to email systems for intelligence collection," warned Executive Vice President of Microsoft Security Charlie Bell. "This type of espionage-motivated adversary seeks to abuse credentials and gain access to data residing in sensitive systems."

White House National Security spokesperson Adam Hodge noted that the hack was initially identified by government safeguards last month, approximately one month after Microsoft discovered the hack.

Latest hack warns of increasing sophistication in Chinese infiltration attempts

National Security Agency Deputy Director George Barnes warned that China's hacker army used to be "noisy" and "rudimentary," but this most recent intrusion into government emails represents a new sophistication in Beijing's attempts to infiltrate government cyber systems. He further warned that this level of sophistication among Chinese hacker groups is likely to continue increasing.

The Wall Street Journal reported that the advances in Chinese hacking technology appear to be "driven by necessity" as competition between the U.S. and China rises to its fiercest in decades.

Beijing is eager for intelligence on what Washington is thinking and doing, but recent advances in American cybersecurity systems is forcing Chinese hacking groups to be more discriminating about when and how they break in. And heightened geopolitical tensions mean their attacks tend to be quieter and are less likely to be noticed quickly.

In this latest attack, the Chinese hackers gained access to the backdoor of Microsoft's cryptographic protection system and then used it to produce digital tokens to access the protected emails.

"They're hitting where the log data doesn't exactly light up like a siren to tell you what's wrong," noted Matt Durrin, director of training and research at the Missoula, Montana-based security consulting firm LMG Security.

For its part, the Chinese have denied accusations that it sponsored the hacking group, calling it "disinformation." Beijing further accused the U.S. government of being "the world's biggest hacking empire and global cyber thief."

China's reaction is routine for cyber attacks, as it regularly denies any and all involvement in potentially state-sponsored hacking operations regardless of the weight of evidence.

No comments