China-Based Hackers Breach Email Accounts At State Department

“As a matter of cybersecurity policy, we do not discuss the details of our response. The incident remains under investigation. And we continuously monitor our networks and update our security procedures,” said State Department spokesperson Matthew Miller.

China-Based Hackers Breach Email Accounts At State Department
China-Based Hackers Breach Email Accounts At State Department

Microsoft and U.S. officials said that hackers based in China recently broke into the email accounts of two major U.S. government agencies.

Spokespeople for the State Department and Commerce Department each confirmed Wednesday that email accounts of people in their agencies had been breached. Microsoft said approximately 25 organizations were part of the hack. The other organizations that were breached have not been identified.

YOU MAY ALSO LIKE: Joe Biden Calls Zelensky ‘Vladimir’ In Yet Another Gaffe During NATO Summit

Neither agency said how many individuals were affected.

The Cybersecurity and Infrastructure Security Agency (CISA), the federal cybersecurity watchdog, announced Wednesday that it first learned of the hacking campaign in mid-June. The campaign lasted around a month.

Top Chinese officials met with leaders from the State and Commerce Departments around that period.

China’s commerce minister, Wang Wentao, met in the U.S. with Commerce Secretary Gina Raimondo and trade representative Katherine Tai on May 25. Secretary of State Antony Blinken met with Chinese President Xi Jinping in Beijing on June 19.

The Washington Post and the New York Times reported that Raimondo’s email was compromised as part of the breach. NBC News has not confirmed those reports.

Microsoft did not name any affected countries or agencies but said the group primarily focuses on hacking Western governments to spy on them. Microsoft said it worked with CISA to kick the hackers out.

Sen. Mark Warner, D-Va., head of the Senate Intelligence Committee, said he and other committee members were “closely monitoring what appears to be a significant cybersecurity breach by Chinese intelligence.”

“It’s clear that the PRC is steadily improving its cyber collection capabilities directed against the U.S. and our allies,” Warner added, using an acronym for the People’s Republic of China. “Close coordination between the U.S. government and the private sector will be critical to countering this threat.”

In a press call Wednesday, a senior CISA official, who requested not to be named as terms to participate in the call, declined to say precisely how many other U.S. federal agencies were affected but said that the number “is in the single digits.”

The hacks started May 15 and went undetected until June 16, Microsoft announced in a report Tuesday evening. It said the perpetrators were primarily focused on gaining access to email accounts and no longer have that access.

The official said that the hackers could view victims’ emails and appeared only to target a handful of specific people.

“This appears to have been a very targeted, surgical campaign,” he said. Only unclassified mailboxes were affected, he said.

A spokesperson for the State Department said the agency took “immediate steps to secure” its system.

“As a matter of cybersecurity policy, we do not discuss the details of our response. The incident remains under investigation. And we continuously monitor our networks and update our security procedures,” said State Department spokesperson Matthew Miller.

Microsoft did not say whether it believed the China hackers group was affiliated with China’s government.

Unlike those working for Russia or Iran, hackers working for China rarely focus on disrupting their targets. However, they are generally regarded as some of the most prolific cyber spies in the world.

YOU MAY ALSO LIKE: Controversial Amendments Jeopardize Passage Of The NDAA In The House

On Thursday, Chinese Foreign Ministry spokesperson Wang Wenbin urged U.S. officials to provide more details about the hacking.

“The U.S. side should give an account of its cyberattacks as soon as possible, rather than spreading false information to divert attention,” he said at a regular news briefing in Beijing, according to the state-owned China News Service.

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments