Chinese hackers breached US government email accounts: Microsoft
US National Security Adviser Jake Sullivan addressed the hack in an appearance on Wednesday on ABC’s Good Morning America, and said it had been detected “fairly rapidly”.
“We were able to prevent further breaches,” Sullivan said.
“The matter is still being investigated, so I have to leave it there because we’re gathering further information in consultation with Microsoft and we will continue to apprise the public as we learn more,” Sullivan said.
Microsoft said Storm-0558 “primarily targets government agencies in Western Europe and focuses on espionage, data theft, and credential access.”
The Redmond, Washington-based company said it had launched an investigation into “anomalous mail activity” on Jun 16.
“Over the next few weeks, our investigation revealed that beginning on May 15, 2023, Storm-0558 gained access to email accounts affecting approximately 25 organisations including government agencies as well as related consumer accounts,” it said.
“They did this by using forged authentication tokens to access user email using an acquired Microsoft account consumer signing key,” the company said. “Microsoft has completed mitigation of this attack for all customers.”
US Senator Mark Warner, chairman of the Senate Select Committee on Intelligence, said the panel is “closely monitoring what appears to be a significant cybersecurity breach by Chinese intelligence”.
“It’s clear that the PRC is steadily improving its cyber collection capabilities directed against the US and our allies,” Warner said in a statement.
Source: CNA