The information was released by the Microsoft company on its official blog. Among the agencies affected is the US State Department. It is not the first time this year that China has been pointed out as a source of cyberattacks. The US National Security Adviser stated that the attack was dealt with quickly and a greater evil could be averted.
First modification:
3 min
A new chapter in the level of Chinese-American cyber espionage. The Reuters news agency reported that a group of Chinese hackers accessed email accounts of at least 25 organizations, including some government entities.
The information was released this Wednesday by US officials hand in hand with the company Microsoft. This last published a statement on their official blog, listing the offending group as ‘Storm-0558’.
The hackers forged authentication tokens to gain access to email accounts running on the Outlook service. According to Microsoft, the break-in activities started in May of this year.
The statement added that the computer giant “contacted all of the compromised or attacked organizations directly through their tenant administrators and has provided them with important information to help them investigate and respond.” The affected organizations were not specified.
A source familiar with the investigation, quoted by the AP news agency, reported that the US military and intelligence agencies were not affected. The first government entity to detect the breach was the State Department. The allegedly stolen data was described as “a small amount.”
China is “getting better”
Senate Intelligence Committee Chairman Mark Warner said in a statement that he was “closely monitoring what appears to be a significant cybersecurity breach by Chinese intelligence.” According to Warner, China is “improving” data collection techniques that are primarily directed against the United States and its allies.
According to the official, the cyber operation was directed directly against diplomats and other affairs managers who are related to the Asian giant in dissimilar US organizations. However, Warner detailed that the attack was directed at unclassified systems.
A spokesman for the US National Security Council confirmed that, despite the breach detected, “they continue to keep US government acquisition providers at a high security threshold.” Another important piece of information known was that the discovery was confirmed shortly before Secretary of State Antony Blinken’s visit to China.
We were able to prevent further violations
In an interview from Lithuania, US National Security Adviser Jake Sullivan told ABC that “they detected the attack fairly quickly and were able to prevent further breaches.” “The matter is still under investigation,” he later said, “so I have to leave it here because we’re still gathering information.” Sullivan promised more details as the investigation progresses.
Sullivan’s remarks were backed by the State Department. According to Reuters, they have no reason to doubt the accusation made by the giant Microsoft. A spokesman for the agency in charge of international relations in the United States stressed that abnormal activity had been detected last month, for which he immediately notified Microsoft. The official stressed that, at that time, no one in particular was blamed.
China rejects the accusations
Despite all the uproar, China denies the allegations. Its Foreign Ministry described the allegations as “disinformation” which, according to spokesman Wang Wenbin, is a strategy to divert information about US cyber-espionage against China. “No matter which agency issued this information, it will never change the fact that the United States is the largest hacker empire in the world that performs the most cyber theft.”, he concluded.
This is not the first charge against Beijing for computer espionage. In early 2023, another group of hackers targeted critical infrastructure in the United States. A kind of maneuver that can be used to disrupt communications between Asia and Washington in a supposed crisis.
Last June, the Mandiant firm, dedicated to cybersecurity, argued that hundreds of private and public entities worldwide. The company, which is also owned by Google, highlighted that the cyber assault was aimed at enhancing a vulnerability in a well-known email security tool.
With AP and Reuters
