Chinese hackers, linked to the state, targeted 25 companies, including 2 US government agencies, secretly breaching their email accounts since May, according to Microsoft and US officials.
According to White House national security adviser Jake Sullivan, the US noticed a compromise of federal government accounts “fairly quickly” and was able to prevent subsequent breaches.
The US State and Commerce Departments issued statements indicating that they were among the departments affected.
The email accounts of Secretary of Commerce Gina Raimondo and Department of State officials were apparently compromised, according to The Washington Post, citing US sources familiar with the situation.
Raimondo is the only Cabinet-level official whose account was compromised in the incident.
It would be incorrect to compare it to the SolarWinds compromise, a huge collection of digital intrusions that were revealed in late 2020 and attributed to Russian cyberspies, a senior US government source told reporters.
Authentication Tokens
Microsoft said in a statement that the hacking group, Storm-0558, used forged digital authentication tokens to access webmail accounts running on the company’s Outlook service. Microsoft said the activity began in May.
Microsoft did not specify which corporations or countries were compromised, but did state that the hacking group in question predominantly targets entities in Western Europe.
The Chinese embassy in London described the claim as “disinformation” and the US government as “the world’s biggest hacking empire and global cyber thief.” China frequently denies involvement in hacking activities regardless of the available evidence or context.
An intrusion in Microsoft’s cloud security “affected unclassified systems,” according to White House National Security Council spokesperson Adam Hodge, without elaborating.
According to private sector cybersecurity specialists, the newly uncovered hacking activity demonstrates how Chinese groups are increasing their cyber skills.