State-linked Chinese hackers breached the email accounts of officials at multiple U.S. agencies dealing with China, just before Secretary of State Antony Blinken’s visit to Beijing last month. The cyberattack, discovered by the State Department in mid-June, targeted a small number of individuals but did not compromise any classified information. The hacked officials included Commerce Secretary Gina Raimondo, and the breach affected other foreign governments as well. The attack exploited a vulnerability in Microsoft’s cloud-based security, allowing the hackers to impersonate authorized users and gain access to email accounts.
Why it matters: A vulnerability in Microsoft’s cloud-based security allowed the hackers to forge authentication tokens and gain unauthorized access.
- White House National Security Council spokesman Adam Hodge said an intrusion in Microsoft’s cloud security “affected unclassified systems”.
- The United States detected a breach of federal government accounts “fairly rapidly” and managed to prevent further breaches, White House national security adviser Jake Sullivan said in an interview with ABC’s “Good Morning America” program.
- Microsoft disclosed late Tuesday that it had mitigated an attack by “a China-based threat actor” that primarily targets government agencies in Western Europe and focuses on espionage and data theft.