China-based hackers seeking intelligence breached the email accounts of several US government agencies, computer giant Microsoft reported in a blog post.
“The threat actor that Microsoft links to this incident is a China-based adversary that Microsoft calls Storm-0558,” the company said, launching an investigation into the “anomalous email activity” on June 16.
According to the US technology, Storm-0558 gained access to email accounts of approximately 25 organizations, including government agencies.
Microsoft did not identify the targets of the attacks, but a State Department spokesman said the entity had “detected anomalous activity” and taken “immediate steps to protect” its systems.
“As a matter of cybersecurity policy, we are not discussing details of our response and the incident remains under investigation,” the official explained.
According to The Washington Post, the compromised email accounts have been declassified and “the Pentagon, intelligence community and military email accounts do not appear to be affected.”
However, the newspaper reported Wednesday night, citing US officials, that email addresses for the State Department and Commerce Secretary Gina Raimondo were affected.
CNN, citing sources close to the investigation, reported that the Chinese hackers targeted a small number of federal agencies and the accounts of specific officials from each agency.
In the Microsoft corporate blog post, Charlie Bell, the company’s executive vice president, said they believe “this adversary is focused on espionage, such as gaining access to email systems for intelligence gathering.”
“This type of espionage-motivated adversary seeks to abuse credentials and gain access to data located on sensitive systems,” the executive said.
Microsoft maintained that the findings thus far in the investigation “revealed that as of May 15, 2023, Storm-0558 gained access to email accounts affecting approximately 25 organizations, including government agencies and related consumer accounts.
US National Security Adviser Jake Sullivan addressed the hack in an appearance Wednesday on ABC’s “Good Morning America,” noting that it had been detected “quite quickly.”
“The matter is still being investigated, so I’m leaving it there because we are gathering more information in consultation with Microsoft and will continue to report publicly as we learn more,” the senior official said.
US Senator Mark Warner, chairman of the Senate Select Committee on Intelligence, said the panel is “closely monitoring what appears to be a significant breach of cybersecurity by Chinese intelligence.”
The revelation of this hacker attack comes after Secretaries of State Antony Blinken and Treasury Secretary Janet Yellen traveled to China and the shooting down by the United States of a surveillance balloon linked to the Asian giant.