Chinese hackers stole 60,000 US government emails
in May breach
[Source]
Chinese hackers managed to steal 60,000 emails from U.S. State Department officials earlier this year, a Senate staffer briefed on the matter has claimed.
Major cyberattack: Senior State Department IT officials revealed the new information at a press briefing in the U.S. Senate on Wednesday. A staffer working for Sen. Eric Schmitt (R-MO) who attended the briefing revealed to Reuters that the breach compromised the Microsoft email accounts of nine State Department officials focused on East Asia and the Pacific, and another official who works on European issues.
Among the accessed information involved sensitive data, such as travel itineraries and diplomatic discussions. These cyberattacks occurred in May, ahead of Secretary of State Antony Blinken’s planned trip to China the following month.
How it happened: The hackers reportedly exploited a vulnerability in Microsoft's systems, facilitated by the theft of a token from a Microsoft engineer. This allowed them to gain unauthorized access to the email accounts of the officials.
More from NextShark: Police find remains of Ohio Vietnamese mother missing since 2002
The scope of the breach extended beyond the State Department, affecting a total of 25 entities, including the Department of Commerce.
Links to Chinese hacking group: State Department spokesperson Matthew Miller confirmed the breach during a press conference on Sept. 28.
“[T]his was a hack of Microsoft systems that the State Department uncovered and notified Microsoft about,” Miller said. “We have no reason to doubt [Microsoft’s] attribution in this case.”
More from NextShark: Family Demands Justice in Death of Filipina Flight Attendant
While the State Department did not formally attribute the hack to China, Microsoft has previously blamed a “China-based” hacking group for the breach back in July. Beijing denied involvement at the time.
Fallout and response: The cyberattack has intensified concerns regarding Chinese hacking activities on Capitol Hill. U.S. lawmakers and Biden administration officials scrutinized the government's reliance on a single vendor, citing its potential weakness in its security infrastructure.
In response to the breach, the State Department has reportedly started transferring its data to "hybrid" environments with different vendors and implemented multi-factor security authentication.
REUTERS REPORT 2 DAYS AGO
Chinese hackers stole emails from US State Dept in Microsoft breach, Senate staffer says
A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration/File photo Acquire Licensing Rights
WASHINGTON, Sept 27 (Reuters) - Chinese hackers who breached Microsoft's (MSFT.O) email platform this year managed to steal tens of thousands of emails from U.S. State Department accounts, a Senate staffer told Reuters on Wednesday.
The staffer, who attended a briefing by State Department IT officials, said the officials told lawmakers that 60,000 emails were stolen from 10 State Department accounts. Nine of those victims were working on East Asia and the Pacific and one worked on Europe, according to the briefing details shared via email by the staffer, who declined to be named.
The staffer works for Senator Eric Schmitt.
U.S. officials and Microsoft said in July that Chinese state-linked hackers since May had accessed email accounts at around 25 organizations, including the U.S. Commerce and State Departments. The extent of the compromise remains unclear.
U.S. allegations that China was behind the breach have strained an already tense relationship between the countries, as Beijing has denied the charges.
The State Department individuals whose accounts were compromised mostly focused on Indo-Pacific diplomacy efforts, and the hackers also obtained a list containing all of the department's emails, according to the Wednesday briefing.
The sweeping hack has refocused attention on Microsoft's outsize role in providing IT services to the U.S. government. The State Department has begun moving to "hybrid" environments with multiple vendor companies and improved uptake of multi-factor authentication, as part of measures to protect its systems, according to the officials at the briefing.
The hackers compromised a Microsoft engineer's device, which allowed them to breach the State Department's email accounts, according to the briefing.
Microsoft earlier this month said that a hack of senior officials at the U.S. State and Commerce Departments stemmed from the compromise of a Microsoft engineer's corporate account.
"We need to harden our defenses against these types of cyberattacks and intrusions," Schmitt said in a statement shared by the staffer in an email to Reuters following the briefing.
"We need to take a hard look at the federal government's reliance on a single vendor as a potential weak point," he said.
A Microsoft spokesman did not have an immediate comment on the Senate briefing. The company, which has faced criticism over its security practices since the breaches, has said that the hacking group behind them - dubbed Storm-0558 - had broken into webmail accounts running on the firm's Outlook service.
The State Department did not immediately return a message seeking comment on Wednesday, and Schmitt wasn't available for an interview.
Reporting by Raphael Satter and Zeba Siddiqui; Editing by Leslie Adler
No comments:
Post a Comment