A Chinese cyber espionage operation Microsoft uncovered last week compromised the government email accounts of the US ambassador to China and other officials, a new report claims.
According to a person familiar with the matter, wall street journal The accounts of Nicholas Burns and Assistant Secretary of State for East Asia Daniel Krittenbrink were among those compromised in the attack.
For more on China’s national threats, NCSC warns of Chinese cyberattacks on critical infrastructure.
They join Commerce Secretary Gina Raimond as the most high-profile victim of the campaign so far, but Microsoft has attributed the damage to the Beijing-linked Storm-0558 group.
According to Microsoft, the attackers are known to target government agencies for sensitive information and logins, and forged authentication tokens to compromise customers via Exchange Online (OWA) and Outlook Web Access on Outlook.com. You have accessed your e-mail account.
They used Microsoft account keys to forge tokens and then used token validation issues to impersonate Azure AD users and access corporate emails. The latter presumably enabled access to US government email accounts.
of WSJMore The report claimed the threat group could have access to hundreds of thousands of government emails as a result of the compromise.
However, these accounts reportedly did not contain much geopolitically useful information as they were unclassified systems. The timing of the attack indicates the hackers were seeking information ahead of Secretary of State Anthony Brinken’s visit to Beijing last month.
As expected, Chinese government spokesman Liu Pengyu dismissed the allegations of state-sponsored hacking as “unfounded.”
“China resolutely opposes and combats all forms of cyberattacks and cybertheft. This position is consistent and clear,” he said.
