Chinese Hackers Accessed US Government Email Accounts, Microsoft Confirmed

The tension between China and the US isn't going to die down any time soon. With recent events, matters might just get worse. Reports say that Chinese hackers managed to access email accounts affiliated with the US government.

Chinese Hackers Exploit System Flaw

US government employees, government agencies, and related accounts have been hacked by Chinese threat actors. Microsoft's cloud email service had a flaw that allowed the hackers to gain access to 25 emails, which Microsoft has already confirmed.

The hacker group was referred to as Storm-0558. The term "Storm" is used by Microsoft to label hacking groups that are "in development" or are showing up for the first time, as mentioned in TechCrunch. The perpetrator, however, remains unidentified.

According to White House National Security Council spokesperson Adam Hodge, the US government safeguards identified an intrusion in Microsoft's cloud security last month, which affected unclassified systems, confirming that government organizations were affected.

In an attempt to contain the issue, officials immediately contacted Microsoft to "find the source and vulnerability," says Hodge. He added that they continue to hold the procurement providers of the US government to a high security threshold.

The hacker group from China was said to be "well-resourced," breaching emails using Outlook Web Access in Exchange Online through forged authentication tokens. The hackers then exploited a flaw in token validation to gain access as Azure AD users.

Microsoft cybersecurity executive Charlie Bell believes that the threat actors are focused on espionage, which includes gaining access to email systems and even "intelligence collection." Storm-0558 no longer has access to the affected email.

On a more concerning note, the hackers remained undetected for approximately a month. It was only after customers noticed irregularities in mail activities and reported them to Microsoft that the hackers were discovered.

The FBI believes that it was a targeted campaign. Although they did not disclose the exact number of government agencies and organizations that were impacted, they assured that it was only in "single digits."

US and China Tensions

The relations between China and the US have been rocky for years, and they have only been worsened by events that have transpired. For instance, the incident with the alleged spy balloon has sparked controversies about China trying to infiltrate US intelligence communications.

China insists that it was simply a weather balloon that strayed from its course. A US fighter jet eventually shot it down, although the recovered pieces from the aircraft suggest that it was capable of more than what weather balloons can do.

According to CBS News, the balloon had high-tech equipment that was capable of collecting communication signals and other sensitive information. A senior state department official expressed that it was "clearly for intelligence surveillance" and included several antennas.

US officials recovered more debris from the balloon, about 30 to 40 feet of the balloon's antenna array. It was sent to the FBI lab in Quantico to be studied. There has been no news about the findings since, which shows that investigation efforts may not be finished.

© 2024 iTech Post All rights reserved. Do not reproduce without permission.
