Chinese Hackers Used Microsoft Cloud To Access US Government Emails

Microsoft revealed in recent blog entries that a China-based hacking organization known as Storm-0558 secretly accessed email accounts at roughly 25 companies, including at least two US government institutions.

Commerce Secretary Gina Raimondo is the first Cabinet-level official whose account has been compromised as a result of the targeted cyberespionage activity.

According to officials, the vulnerabilities have been minimized, but an FBI investigation is underway.

A senior US government official told the media that comparing it to the SolarWinds incident, a massive collection of digital break-ins revealed in late 2020 and blamed on Russian cyberspies, would be unjust.

“This intrusion should not be compared to SolarWinds”, the official stated, referring to the newly found effort as much narrower.

The US official declined to comment on Microsoft’s choice to blame the hack on China.

According to Microsoft, the hacker group used faked digital authentication tokens to access webmail accounts operating on the company’s Outlook service. According to Microsoft, the activity began in May.

“As with any observed nation-state actor activity, Microsoft has contacted all targeted or compromised organizations directly through their tenant admins and provided them with critical information to assist them in investigating and responding”, the company stated.

Microsoft did not specify which corporations or governments were hit but did state that the hacker organization was primarily targeting entities in Western Europe.

The Chinese embassy in London described the claim as ‘disinformation’ and the US government as the world’s biggest hacking empire and global cyber thief. Regardless of the available evidence or context, China constantly denies involvement in hacking operations.

According to White House National Security Council spokesperson Adam Hodge, an intrusion in Microsoft’s cloud security affected unclassified systems, without elaborating.

“Officials contacted Microsoft immediately to find the source and vulnerability in their cloud service”, Mr. Hodge continued.

The State Department detected anomalous activity and took immediate steps to secure our systems, according to a department official. The Commerce Department stated that it took immediate action after receiving notification of a hack from Microsoft.

According to private sector cybersecurity specialists, newly uncovered hacking activity demonstrates how Chinese groups are increasing their cyber skills.

“Chinese cyber espionage has come a long way from the smash-and-grab tactics that many of us are familiar with”, said John Hultquist, chief analyst at the US cybersecurity firm Mandiant.