Hackers linked to the Chinese state have since May secretly accessed the email accounts of about 25 organizations, including US government accounts, in a covert cyberespionage campaign, Microsoft and US officials said on Wednesday.
The United States detected a breach of federal government accounts “fairly quickly” and was able to prevent further breaches, White House national security adviser Jake Sullivan said in an interview with ABC’s “Good Morning America” program.
The US State Department is one of the affected government agencies, according to a person familiar with the investigation who spoke on condition of anonymity.
The hacking group, which Microsoft calls Storm-0558, created digital authentication tokens to access webmail accounts running the company’s Outlook service, the company said in a statement. The event began in May, Microsoft said.
“As with any observed country actor activity, Microsoft contacted all targeted or compromised organizations directly through their tenant administrators and provided them with important information to help them investigate and respond,” added the company.
Microsoft did not say which organizations or governments were affected, but added that the hacking group mainly targeted entities in Western Europe.
The Chinese embassy in London called the accusation “disinformation” and called the US government “the world’s biggest hacking empire and global cyber thief.” China has consistently denied involvement in hacking operations regardless of available evidence or context.
White House National Security Council spokesman Adam Hodge said a breach in Microsoft’s cloud security “affects unclassified systems,” without elaborating.
“Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service,” Hodge added.
The State Department “detected the anomalous activity” and “took immediate steps to secure our systems,” a department spokeswoman said in a statement.
Private sector cybersecurity experts say the newly discovered hacking activity shows how Chinese groups are improving their cyber capabilities.
“Chinese cyber espionage has come a long way from the smash-and-grab tactics most of us are familiar with,” said John Hultquist, principal analyst at US cybersecurity firm Mandiant.