China Based Hackers Breach Government and Individual Email Accounts: Microsoft Report
Microsoft’s Accusation Labeled “Disinformation” by China
China has labeled Microsoft’s report on a China-based hacking group breaching government-linked email accounts as “disinformation.” Chinese officials accused the accusation of being a diversionary tactic to draw attention away from U.S. cyber activities. China based hackers
Breach of Government-Linked Email Accounts Revealed in Microsoft’s Report
In a blog post, Microsoft revealed that the group, identified as Storm-0558, gained unauthorized access to email accounts associated with 25 organizations, including government agencies in Western Europe. The breach went undetected for weeks until customers reported abnormal mail activity.
Espionage Focus: Gaining Access to Email Systems for Intelligence Collection
Microsoft’s Executive Vice President of Security, Charlie Bell, stated that the hacking group seemed primarily focused on espionage, aiming to gain access to email systems for intelligence collection purposes. This suggests a targeted effort to gather sensitive information.
China Counters with Claims of U.S. Cyberattacks
Chinese foreign ministry spokesman Wang Wenbin dismissed the allegations as “disinformation” and pointed to the United States as the largest hacker empire engaged in cyber theft. He mentioned previous reports from cybersecurity organizations in China and other countries exposing cyber attacks by the U.S. government, which have gone unanswered.
Ongoing Investigation: U.S. National Security Adviser Provides Updates
U.S. National Security Adviser Jake Sullivan confirmed that the investigation into the breach was still ongoing. He assured that further breaches had been prevented and mentioned the collection of additional information in consultation with Microsoft. The public will be kept informed as more details emerge.
Forged Authentication Tokens Used by Storm-0558 Hackers
Microsoft disclosed that the Storm-0558 hackers employed forged authentication tokens to gain access to the compromised email accounts. Authentication tokens are crucial pieces of information used to verify the identity of a user.
Microsoft’s Response and Collaboration with Security Agencies
Microsoft stated that it had addressed the attack and notified affected customers. The company also pledged to work closely with the Department of Homeland Security, the Cybersecurity and Infrastructure Security Agency, and other entities to strengthen defenses against such attacks. Ongoing monitoring of Storm-0558’s activities is a priority.
Persistent Cyber Threats: Previous Incidents and Warnings
This incident follows a recent report by cybersecurity firm Mandiant, which revealed suspected state-backed Chinese hackers breaching networks of numerous public and private sector organizations globally. Additionally, earlier this year, Microsoft had warned about state-backed Chinese hackers targeting critical U.S. infrastructure, raising concerns about potential disruptions to vital communications during future crises.