“Hackers” operating from China seeking intelligence information have breached the email accounts of several US government agencies, computer giant Microsoft said. US Secretary of State Anthony Blinken warned the Chinese foreign minister that Washington will charge those “responsible” for the cyber attack.
(RFI) So far, the State Department has said it detected “abnormal activity” but has refrained from publicly blaming China, saying an investigation is underway.
At a meeting in Jakarta, Indonesia, Secretary Antony Blinken told Chinese diplomat Wang Yi, director of the Office of the Foreign Affairs Commission of the Central Committee of the Communist Party of China, that the “hackers” will be held accountable.
Blinken “made it clear that any action against the U.S. government, U.S. companies, U.S. citizens, is of great concern to us and we will take the necessary steps to hold those responsible accountable,” a senior U.S. government official said, asking not to be identified.
“The threat actor that Microsoft links to this incident is a China-based enemy that Microsoft calls Storm-0558,” the company said Thursday in a blog post. The company launched an investigation into “anomalous email activity” on June 16.
25 organizations affected
According to the American giant, Storm-0558 gained access to email accounts of approximately 25 organizations, including government agencies. While Microsoft did not identify the targets attacked, a US State Department spokesperson said “anomalous activities” were detected and “immediate steps were taken to protect our systems”.
“As a matter of cybersecurity policy, we do not discuss the details of our response, and the incident remains under investigation,” the source indicated.
According to The Washington Post, the compromised email accounts have been “declassified”. “The Pentagon, the Intelligence community and military email accounts do not appear to have been affected,” according to the newspaper.
On Wednesday, citing US officials, the newspaper reported, however, that the email addresses of the State Department and Commerce Secretary Gina Raimondo were hit. Mentioning sources close to the investigation, CNN television network assures that Chinese hackers targeted a small number of federal agencies and the accounts of specific employees of each agency.
Espionage
In the text published on the corporate blog, Microsoft’s executive vice president, Charlie Bell, stressed that the assessment is that “this enemy focuses on espionage, on how to gain access to email systems to collect intelligence data”.
Microsoft said that, to date, the investigation has revealed that, “as of May 15, 2023, Storm-0558 gained access to email accounts affecting approximately 25 organizations, including government agencies and related consumer accounts.”
US National Security Adviser Jake Sullivan addressed the incident during an appearance Wednesday on ABC television’s Good Morning America program and stressed that it was all detected “very quickly”. “The matter is still being investigated, so I’ll leave it there because we are gathering more information in consultation with Microsoft and will continue to report publicly as we learn more,” he added.
US Senator Mark Warner, chairman of the Senate Intelligence Committee, said the panel is “closely monitoring what appears to be a significant cybersecurity breach by Chinese intelligence”.
Earlier this year, the United States shot down a surveillance balloon linked to Beijing. This new cyberattack comes at a time when the United States and China have resumed high-level contacts after months of tension. Blinken was in China in June, and US Treasury Secretary Janet Yellen has just visited the country.
With information from AFP