Microsoft disclosed on Tuesday night that Chinese hackers, with the intention of collecting intelligence on the United States, gained access to government email accounts.
According to a person briefed on the intrusion into the government networks, the attack was targeted, with the hackers specifically going after certain accounts instead of conducting a broad intrusion. Adam Hodge, a spokesman for the White House’s National Security Council, confirmed that no classified networks were affected. The assessment of the amount of information taken is still ongoing.
Microsoft revealed that approximately 25 organizations, including government agencies, were compromised by the hacking group. The group used forged authentication tokens to gain access to individual email accounts. The hackers had access to some of the accounts for a month before the breach was detected. The affected organizations and agencies were not identified.
The targeted nature and sophistication of the attack suggest that the Chinese hacking group was either part of Beijing’s intelligence service or working for it. In a blog post, Charlie Bell, a Microsoft executive vice president, stated, “We assess this adversary is focused on espionage, such as gaining access to email systems for intelligence collection.” Although the breach was smaller in scale compared to recent intrusions like the SolarWinds hack by Russia, it still poses a threat to U.S.-China relations and could provide valuable information to the Chinese government and its intelligence services.
The vulnerability exploited by the hackers appeared to be in Microsoft’s cloud security and was initially detected by the U.S. government, which promptly informed the company. The attack revealed a significant cybersecurity gap in Microsoft’s defenses within the government and raised concerns about the security of cloud computing. The government has been transitioning data to the cloud for better access and improved security, but the incident highlights the need for additional security protocols.
According to the person briefed on the intrusion, the breach should have been prevented by government security requirements. Microsoft has been requested to provide further information about the vulnerability. Mr. Hodge stated, “We continue to hold the procurement providers of the U.S. government to a high security threshold.”
The timing of the hack is delicate for U.S.-China relations, as the Biden administration aims to ease tensions. The incident may lead to increased criticism of the administration’s efforts to deter Chinese activities.
2023-07-11 23:34:06
Original from www.nytimes.com