U.S. National Security Council Strategic Communications Coordinator John Kirby speaks during the daily briefing in the James S Brady Press Room of the White House in Washington, DC, on June 5, 2023 .
Andrew Caballero-Reynolds | AFP | beautiful pictures
More than two dozen government agencies in Western Europe and the United States have been attacked by a spy group based in China, based on Microsoft and US national security officials.
Hackers accessed Microsoft-provided email accounts at agencies as part of an ongoing effort by China-based actors to spy on and steal sensitive government data and enterprise. The hacking group, codenamed Storm-0558 by Microsoft, also compromised individual accounts “associated” with the agencies, likely employees of the agencies.
The compromise was “mitigated” by Microsoft’s cybersecurity teams after it was first reported to the company in mid-June 2023, Microsoft said in a pair of blog posts about the incident. The company says hackers have been infiltrating government systems since at least May.
US government officials have identified the possibility of hacking into Microsoft. The National Security Council did not identify which agencies were affected, although one news from the FBI and Cybersecurity and Infrastructure Security Agency said the first report was made by a single executive branch agency.
“Last month, US government safeguards identified a breach of Microsoft’s cloud security affecting unclassified systems. Officials were immediately contacted. with Microsoft to find the source and the vulnerability in their cloud service,” National Security Council spokesman Adam Hodge said in a statement sent to Wall Street. Magazine. “We continue to keep US government procurement providers at a high level of security.”
Microsoft is a major government contractor, and its Exchange software is used almost universally by public and private sector customers. The company has invested significantly in cybersecurity research and threat prevention, based on the popularity of its software and popularity among many of its customers.
For example, leading law firms Covington and Burling have damaged by Chinese hackers using Microsoft server software exploits in 2020.
The latest compromise comes months after Microsoft and top government officials admitted that another Chinese state-backed group was behind. espionage attempt targets “critical” civilian and military infrastructure of the United States, including a naval base in Guam.
It is also a timely example of the kind of threat that US national security officials have been warning about for months and years. Jen Easterly, the top US cybersecurity official, called China an “epochal” threat.
