China Targeted State Department Emails in Microsoft Hack, U.S. Officials Say

U.S. officials said Wednesday that Chinese hackers attempted to compromise certain State Department email accounts in the weeks before Secretary of State Anthony J. Brinken visited Beijing in June.

U.S. officials say an investigation is underway into a crime by Chinese hackers who are likely linked to the Chinese military and spy agencies. But U.S. officials downplayed the idea that hackers stole sensitive information, claiming no sensitive emails or cloud systems were breached. A State Department cybersecurity team first discovered the intrusion.

Officials said the attacks targeted personal email accounts, rather than the large-scale data breaches Chinese hackers have previously allegedly carried out. Biden administration officials declined to specify which officials were targeted by Chinese hackers.

Microsoft, which disclosed the hack on Tuesday, said an investigation showed the hack began in May and was discovered on June 16, just before Blinken’s visit to Beijing. He left Washington that night. This visit was extremely important for both the United States and China. It was the first visit to China by a US Secretary of State in five years, and was aimed at establishing high-level communication channels and improving relations that had deteriorated. Since then, Treasury Secretary Janet L. Yellen has been in Beijing, and Special Envoy for Climate Change John Kerry is scheduled to arrive in Beijing on Sunday for four days of talks.

President Biden and Chinese leader Xi Jinping met last November in Bali, Indonesia. stabilize the relationshipHowever, the two countries clashed in early February when the Pentagon spotted and shot down a Chinese reconnaissance balloon hovering over the US mainland. Brinken canceled a trip to China during that episode, and weeks later he publicly accused China of considering sending military aid to Russia for use in Ukraine.

A senior State Department official, who spoke on condition of anonymity about the sensitive case, said the hack did not initially appear to be directly related to the visit. Other officials warned that the investigation into any material stolen by the hackers is still in its early stages.

In a statement Wednesday, the State Department said after detecting “anomalous activity,” the government took steps to secure its systems and “will continue to monitor them closely and respond quickly to any further activity.”

After the State Department reported the hack to Microsoft, the company found that the hackers also targeted about 25 organizations, including government agencies. Microsoft said the attack was aimed at specific accounts rather than a mass infiltration by hackers, but did not specify how many accounts may have been compromised by Chinese hackers. .

The United States and China are embroiled in an intensifying information race, with both governments seeking to expand the other’s intelligence gathering. While such espionage and hacking is to be expected, U.S. officials said they have taken steps to address both the exploits used by Chinese hackers against the State Department and other potential security weaknesses in cloud computing. He said a strong investigation was underway.

The State Department is often targeted for hacking by foreign governments. Russian intelligence agencies have repeatedly targeted the State Department’s computer network. In 2014 and 2015, Russian hackers compromised the State Department, Joint Chiefs of Staff, White House, and other critical but unclassified computer networks.