In a recent development that testifies to the rising stakes in the world of cybersecurity, Microsoft disclosed a cyber breach by a Chinese actor, nicknamed Storm-0558, that affected numerous US government agencies’ email systems.
Microsoft, the tech behemoth, has pegged the origin of this threat to China, having noted the hacker group’s intricate manoeuvres in a blog post earlier this week. Storm-0558 reportedly infiltrated the email systems of an estimated 25 organizations, which notably included government bodies. However, Microsoft has chosen to remain reticent on the specific identities of the victims.
Despite the silence on specific targets, a spokesperson from the US State Department confirmed suspicions of “anomalous activity” within their systems, quickly reinforcing the digital barricades to safeguard the systems’ integrity. As is customary with matters of cybersecurity, the details of the response and ongoing investigation have been kept under wraps.
As reported by The Washington Post, the infiltrated emails were non-classified. Furthermore, accounts associated with the Pentagon, the intelligence community, and the military remained seemingly untouched. However, some sources, including unnamed US officials, suggest that the State Department and Commerce Secretary Gina Raimondo’s email accounts might have been compromised. The Commerce Department’s recent stringent export controls on Chinese technologies have indeed ruffled feathers in Beijing, making it a potential target.
Charlie Bell, a top executive at Microsoft, shared his assessment of the situation, indicating that the adversary’s probable motive is espionage, using email access for intelligence gathering. He added that such espionage-driven actors typically exploit credentials to gain unauthorized access to sensitive data within systems.
As the US grapples with this cyber breach, National Security Adviser Jake Sullivan shared on ABC’s Good Morning America that the hack was swiftly detected and further breaches thwarted. Nevertheless, as the investigation is ongoing, the entire story has yet to be fully uncovered.
Microsoft’s analysis suggests that Storm-0558 is mainly fixated on infiltrating government agencies in Western Europe, engaging primarily in data theft, espionage, and accessing credentials. Microsoft began its investigation into the unusual mail activity on June 16 and subsequently found that Storm-0558 had been intruding into email accounts since May 15, 2023.
Microsoft has successfully mitigated the attack across all its customers. However, concern remains: Senator Mark Warner, chair of the Senate Select Committee on Intelligence, acknowledged the considerable breach by Chinese intelligence, emphasizing China’s rapidly advancing cyber capabilities against the US and its allies.
Revelations of Chinese hacking follow recent diplomatic visits by US Secretary of State Antony Blinken and Treasury Secretary Janet Yellen, plus the US takedown of a Chinese surveillance balloon, intensifying the geopolitical narrative. Interestingly, this isn’t the first time China has come under scrutiny for cyber activities. In May, Microsoft had disclosed the infiltration of critical US infrastructure networks by another Chinese hacker group, “Volt Typhoon.”
China has denied all allegations, criticizing Microsoft’s report as unprofessional and an example of a disinformation campaign spearheaded by the US for geopolitical reasons.
Source: Malay Mail