Microsoft revealed Tuesday night that Chinese hackers with the intent to gather information about the United States accessed government email accounts.
of blog post, Microsoft announced that about 25 organizations, including government agencies, were compromised by a hacking group that used forged authentication tokens to access personal email accounts. The hackers had access to at least some accounts for a month before the breach was detected, Microsoft said. No affected organizations or institutions have been identified.
This new breach does not appear to be on the same scale as the 2019 and 2020 Russian breaches of government computers known as the SolarWinds hack, the largest known recent breach. Microsoft officials said far fewer email accounts were involved in this new intrusion and didn’t penetrate the target system very deeply.
Also, the hackers don’t seem to have access to sensitive networks. Nonetheless, if he had access to government emails for a month before being detected, the hackers could learn useful information for the Chinese government and its intelligence agencies.
“We assess that this adversary is focused on espionage, including accessing email systems to gather information,” said Charlie Bell, executive vice president of Microsoft, in a blog post. . “This type of espionage adversary uses credentials to try to access data residing on sensitive systems.”
The hack could further strain Sino-U.S. relations, even as the Biden administration seeks to defuse tensions that have worsened in recent months with several incidents, including a Chinese spy balloon crossing the United States.
Criticism could also mount that the Biden administration has not taken sufficient steps to deter China from spying. Cliff Sims, a former press secretary to the Trump administration’s director of national intelligence, said China was encouraged because President Biden did not confront Beijing over his attempts to influence the recent election. .
“We need to have a serious discussion about how much hacking is acceptable before we act,” Sims said.
In a blog post, Bell said those affected by the hack have been notified and the company has completed mitigation efforts.
Hours before Microsoft’s announcement, earlier Tuesday, representatives of various intelligence and national security agencies said they were unaware of reports of an intrusion by China. A spokesman for the National Security Council did not respond to a request for comment Tuesday night.
But Microsoft said it warned of the intrusion and breach on June 16, based on information reported by customers. A month earlier, on May 15, Chinese hackers began gaining access to email accounts, according to a company blog post.
Microsoft did not say how many accounts it believed may have been compromised by the Chinese hackers, nor did it say whether it knew what information had been exposed.
China has the most aggressive and most capable intelligence hacking operations in the world.
Over the years, the Chinese government has carried out a series of hacks that have successfully stolen vast amounts of government data. In 2015, a huge number of records were stolen from the Human Resources Administration in a data breach believed to have been carried out by hackers affiliated with China’s foreign spy agency.
In the Trump-era SolarWinds hack, Russian intelligence used software vulnerabilities to gain access to thousands of computer systems, including many government agencies. The hack is named after the network management software used by Russian intelligence agencies to infiltrate computers around the world.
