Hackers linked to China have gained unauthorized access to email accounts belonging to Western government agencies and organizations, according to Microsoft.
The company, which detected the breach, has dubbed the hacking group involved as “Storm-0558.” The cyberattack, which began in May, involved the forging of digital authentication tokens to infiltrate webmail accounts running on Microsoft’s Outlook service.
The allegations were seemingly confirmed by White House National Security Advisor Jake Sullivan, who acknowledged that the United States had rapidly detected a breach of federal government accounts and is currently investigating the matter.
However, China has denied the accusations, countering with allegations that the US is spreading disinformation and referring to the US as the “world’s biggest hacking empire and global cyber thief.”
Microsoft has not disclosed the specific organizations or governments affected by the breach but has stated that the hacking group primarily targets entities in Western Europe.
The company has been in direct contact with the targeted and compromised organizations, providing them with crucial information to aid in their investigations and response efforts.
Working in collaboration with the US Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency, Microsoft is focused on protecting affected customers and addressing the issue.
The US Department of State has also reported detecting anomalous activity and has taken immediate steps to secure its computer systems, while the US Department of Commerce confirmed that Microsoft had notified them about the attack.
Earlier this year, the US State Department issued a warning regarding potential cyber activities originating from China, stating that China possesses the capability to launch cyberattacks that could disrupt critical infrastructure services within the United States.
These recent allegations may reignite tensions between the US and China, as the two nations are already locked in an escalating economic and geopolitical competition. However, both sides have emphasized that they do not seek confrontation.
The China-based hackers, Storm-0558, have reportedly gained access to the email accounts of approximately 25 organizations, including government agencies, according to Microsoft. While the specific locations of the affected government agencies have not been disclosed, US media outlets have reported that the State Department was among the targets.
Read also: Chinese Hackers Aim at the Kenyan Government in Cyberattack to Access Debt Information
China’s embassy in London dismissed the allegations as “disinformation” and referred to the US government as the “world’s biggest hacking empire and global cyber thief.” China has consistently denied involvement in hacking operations, irrespective of available evidence or context.
Microsoft has implemented significant automated detections to counter known indicators of compromise associated with this attack. The company’s investigations indicate that the breach has been mitigated, and they have not found evidence of further access. However, the incident underscores the ongoing threats posed by cyber espionage and the need for continued vigilance in safeguarding sensitive information.
Subscribe to Switch TV
