Chinese hackers have targeted US government accounts, Microsoft says

The computer giant Microsoft said on its website that Chinese hackers were looking for intelligence information in the email accounts of several US government agencies.

“The threat actor Microsoft is attributing to this incident is a Chinabased attacker whom Microsoft is naming Storm0558,” said the company, which launched an investigation into “anomalous email activity” on June 16.

Related

According to the American giant, Storm0558 gained access to the email accounts of around 25 organizations, including government agencies.

Microsoft pointed out that Storm0558 “primarily targets Western European government agencies and focuses on espionage, data theft and access to credentials”.

In the release, Microsoft executive vice president Charlie Bell said, “We believe this adversary is focused on espionage and gaining access to email systems for intelligence gathering.”

“These types of espionagemotivated attackers attempt to abuse credentials and gain access to data on sensitive systems,” Bell said.

Microsoft said the investigation’s results so far indicate that “on May 15, 2023, Storm0558 gained access to email accounts affecting approximately 25 organizations, including government agencies and related consumer accounts.”

While Microsoft has not identified the targets attacked, a US State Department spokesman stated that “unusual activity” was detected and “immediate action was taken to protect our systems.”

“Due to cybersecurity concerns, we have not discussed the details of our response and the incident remains under investigation,” the source said.

The Washington Post newspaper said on Wednesday that the hacked email accounts were irrelevant and that “Pentagon, intelligence and military email accounts did not appear to have been compromised.”

CNN, citing sources familiar with the investigation, said the Chinese hackers targeted a small number of federal agencies and the email accounts of certain employees of those agencies.

US National Security Advisor Jake Sullivan addressed the incident in an appearance on ABC’s Good Morning America on Wednesday, noting that it was discovered “very quickly.”

“The matter is still under investigation, so I’m leaving it at that as we are gathering more information in consultation with Microsoft and will continue to make it publicly available as we learn more,” the senior official said.

US Senator Mark Warner, chairman of the Senate Intelligence Committee, said the panel is “closely monitoring what appears to constitute a significant cybersecurity breach by Chinese intelligence agencies.”