New Delhi:- According to Microsoft, Chinese intelligence agencies hacked the Microsoft email accounts of 20 government agencies, including the US and Western European Departments of State. This is a "serious" violation according to Microsoft and US national security officials. "
“The Senate Intelligence Committee is closely monitoring what it believes to be a serious cybersecurity breach by a Chinese intelligence agency,” Sen. Mark Warner, Democrat of Virginia, chair of the Intelligence Task Force, said Wednesday.“It is clear that China is steadily improving its cyber collection capabilities against the United States and its allies. Close cooperation between the U.S. government and the private sector is essential to countering this threat.”
A Warner spokesperson confirmed that the company had been briefed on the incident. The Ministry of Foreign Affairs also confirmed on Wednesday that it was affected. "The Department of State identified the unusual activity and took immediate steps to protect our systems. We will continue to monitor further activity closely and respond quickly," a spokesperson told CNBC.
Also Read:- Anant Maheshwari to vacate the post at Microsoft India
Hackers accessed his Microsoft-operated government email account as part of an ongoing effort by Chinese attackers to spy on and steal sensitive government and corporate data. Code-named Storm-0558 by Microsoft, this hacker and his group also compromised personal accounts "connected" to the authorities (possibly employees of the authorities).
The breach was "moderated" by Microsoft's cybersecurity team after it was first reported to the company in mid-June 2023, Microsoft said in two blog posts about the incident. The hackers have been operating within government systems since at least May, the company said.
“This was a very sophisticated technique used by attackers against a limited number of high-value targets. said Charles Carmakal, senior vice president of Mandiant and chief technology officer of Google Cloud. "We salute Microsoft for speaking up, clarifying the issue, providing a fix, working with partners, and being transparent."
Also Read:- Microsoft New Job Cut Round, Letting Go of 276 Employees
US government officials were aware of the possibility of an intrusion by Microsoft. The National Security Council did not specify which agencies were affected, but preliminary reports from the FBI and the Cybersecurity and Infrastructure Security Agency said the initial report was produced by a single law enforcement agency.
"Last month, US government security officials identified an intrusion into Microsoft's cloud security that affected unclassified systems. The agency immediately contacted Microsoft to identify the source and vulnerability of the cloud service," said National Security Council spokesman Adam Hodge in a statement to The Wall Street Journal. “We continue to keep our U.S. government procurement service providers at a high margin of safety.”
Microsoft is a major government contractor and its Exchange software is almost universally used by public and private sector customers. Given the mundane nature of the software and the notoriety of many of its customers, the company has invested heavily in cybersecurity research and threat mitigation.
Also Read:- Microsoft to Bloom in the Market after Getting Green Light in UK
For example, major law firm Covington & Burling was compromised by Chinese hackers in 2020 by exploiting Microsoft's server software.
The compromise is a number of Microsoft and government officials admitting another Chinese state-backed group was behind espionage operations targeting "critical" US civilian and military infrastructure, including a naval base on Guam. It was done months later.
Also Read:- Microsoft to Bloom in the Market after Getting Green Light in UK
It's also the latest example of the kind of threat that US national security agencies have been warning about for months and years. US cybersecurity chief Jen Easterly called China a "breakthrough" threat.
The Chinese Government tried to hack the United States’ Emails in a significant breach. The breach was identified by Microsoft and U.S. Government thanked Microsoft for being so transparent.