China-based hackers breach email accounts at State Department
Hackers in China recently broke into the email accounts of around 25 organizations, including multiple government agencies, Microsoft said.
The State Department confirmed it was one of the victims, a spokesperson said Wednesday, and first alerted Microsoft and U.S. government cybersecurity officials to the hacking campaign.
The Cybersecurity and Infrastructure Security Agency, the federal cybersecurity watchdog, announced Wednesday that it first learned of the breach in mid-June.
Microsoft did not name any of the affected countries or agencies, but said that the group primarily focuses on hacking Western governments to spy on them. Microsoft said it worked with CISA to kick the hackers out, indicating U.S. organizations were among the victims.
Sen. Mark Warner, D-Va., head of the Senate Intelligence Committee, said he and other committee members were "closely monitoring what appears to be a significant cybersecurity breach by Chinese intelligence."
"It’s clear that the PRC is steadily improving its cyber collection capabilities directed against the U.S. and our allies," Warner added, using an acronym for the People's Republic of China. "Close coordination between the U.S. government and the private sector will be critical to countering this threat."
In a press call Wednesday, a senior CISA official, who requested to not be named as terms to participate in the call, declined to say exactly how many other U.S. federal agencies were affected, but said that the number "is in the single digits."
The hacks started May 15 and went undetected until June 16, Microsoft announced in a report Tuesday evening. The perpetrators were primarily focused on gaining access to email accounts and no longer have that access, it said.
Recommended
The hackers were able to view victims' emails, and appeared to only target a handful of specific people, the official said.
"This appears to have been a very targeted, surgical campaign," he said. Only unclassified mailboxes were affected, he said.
A spokesperson for the State Department said the agency took "immediate steps to secure" its system.
"As a matter of cybersecurity policy, we do not discuss the details of our response. The incident remains under investigation. And we continuously monitor our networks and update our security procedures," said Matthew Miller, a State Department spokesperson.
Microsoft did not say whether it believed the hacker group is affiliated with China’s government.
Unlike those working for Russia or Iran, hackers working for China rarely focus on disrupting their targets, but they are generally regarded as some of the most prolific cyber spies in the world.
A spokesperson for the Chinese Embassy in Washington, D.C., did not immediately respond to an email requesting comment. A Chinese Foreign Ministry spokesman told The Associated Press that any accusation of government involvement was “disinformation.”
कोई टिप्पणी नहीं:
एक टिप्पणी भेजें