The recently uncovered Chinese hack of hundreds of thousands of emails from top U.S. officials began with the breach of a Microsoft engineer’s account, the company stated on Sept. 6.
The Chinese hacking group, which Microsoft dubbed Storm-0558, compromised the engineer’s corporate account, giving it access to a consumer-account signing key that the group later used to break into the U.S. government accounts, Microsoft said in a blog post after a months-long investigation.
Microsoft stated that the signing key had most likely been captured in a crash dump when one of its internal consumer signing systems crashed in April 2021. The dump, which should not have contained key material, was later moved into the company’s debugging environment, where the engineer’s corporate account could reach it. With the key in hand, the group forged authentication tokens and used them to read mailboxes in Outlook Web Access in Exchange Online and Outlook.com. The tech giant stated that it has corrected the flaws that allowed the key to leak and to be accepted for the targeted accounts.
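The security-relevant lesson of the paragraph above is that a token verifier must not accept a signature from a key outside that key’s intended scope: a stolen consumer signing key should never be able to mint a token for an enterprise identity. The following is an added illustration written for this article, not Microsoft’s code or a description of its actual verifier. Every key name, issuer URL, claim and secret is an assumption constructed for the example, and an HMAC stands in for the asymmetric signatures a real identity provider uses. It shows a lax verifier that trusts any registered key for any issuer, beside a hardened one that binds each key to the issuers it may sign for.

```python
"""Constructed example: why a signing key must be bound to its issuer scope.
Not Microsoft's code; all names, URLs and secrets below are made up."""
import base64
import hashlib
import hmac
import json

# Assumed key registry (constructed).  Each key lists the issuers it is
# authorised to sign tokens for.  The lax verifier below ignores that list,
# which is the class of mistake that lets a leaked consumer key forge
# enterprise tokens; the strict verifier enforces it.
KEY_REGISTRY = {
    "consumer-key-2016": {
        "secret": b"constructed-consumer-secret",
        "allowed_issuers": {"https://login.live.example"},
    },
    "enterprise-key-2023": {
        "secret": b"constructed-enterprise-secret",
        "allowed_issuers": {"https://sts.windows.example/contoso-tenant"},
    },
}

ENTERPRISE_ISSUER = "https://sts.windows.example/contoso-tenant"


def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(kid: str, secret: bytes, claims: dict) -> str:
    """Build a compact JWS-style token: header.payload.signature (HS256)."""
    header = _b64url(json.dumps({"alg": "HS256", "kid": kid}).encode())
    payload = _b64url(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def _check_signature(token: str):
    """Verify only the signature against the key named by 'kid'.
    Returns (kid, claims) on success, None on any failure."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        claims = json.loads(_b64url_decode(payload_b64))
        sig = _b64url_decode(sig_b64)
    except ValueError:  # bad structure, bad base64 or bad JSON
        return None
    entry = KEY_REGISTRY.get(header.get("kid"))
    if entry is None or header.get("alg") != "HS256":
        return None
    expected = hmac.new(entry["secret"], f"{header_b64}.{payload_b64}".encode(),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        return None
    return header["kid"], claims


def verify_lax(token: str, expected_issuer: str):
    """Flawed verifier: a valid signature from ANY registered key is accepted,
    as long as the token claims the expected issuer."""
    result = _check_signature(token)
    if result is None:
        return None
    _, claims = result
    return claims if claims.get("iss") == expected_issuer else None


def verify_strict(token: str, expected_issuer: str):
    """Hardened verifier: the signing key must also be authorised for the
    issuer the token claims.  A good signature from the wrong key fails."""
    result = _check_signature(token)
    if result is None:
        return None
    kid, claims = result
    if claims.get("iss") != expected_issuer:
        return None
    if expected_issuer not in KEY_REGISTRY[kid]["allowed_issuers"]:
        return None  # valid signature, but this key may not sign for this issuer
    return claims


def forged_enterprise_token() -> str:
    """What an attacker holding the leaked consumer key can mint: an
    enterprise issuer and victim identity, signed with the consumer key."""
    stolen_secret = KEY_REGISTRY["consumer-key-2016"]["secret"]
    return mint_token("consumer-key-2016", stolen_secret, {
        "iss": ENTERPRISE_ISSUER,
        "sub": "victim@contoso.example",
        "aud": "https://outlook.office.example",
    })


if __name__ == "__main__":
    forged = forged_enterprise_token()
    print("lax verifier accepts forged token:   ", verify_lax(forged, ENTERPRISE_ISSUER) is not None)
    print("strict verifier accepts forged token:", verify_strict(forged, ENTERPRISE_ISSUER) is not None)
```

The strict verifier still trusts the stolen key for its own issuer, so key rotation and revocation remain necessary; scope binding only stops the key from being abused across trust boundaries it was never meant to cross.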
The intrusion surfaced at a sensitive time. Microsoft’s investigation began the same day that Secretary of State Antony Blinken headed to China to engage with senior Chinese officials, the highest-ranking official under the Biden administration to do so. CNN, citing two unnamed U.S. officials, reported in July that the Biden administration believes the hacking operation had given Beijing clues about U.S. thinking ahead of Blinken’s visit.
The breach also drew scrutiny of Microsoft’s security practices. The Department of Homeland Security’s Cyber Safety Review Board, a panel of government and industry experts, has launched a review of the systemic risks in cloud computing, with this intrusion as its starting point.
The Microsoft breach is only one of many cyberattacks attributed to China.
Cyber Espionage
Microsoft and various cybersecurity agencies under the Five Eyes alliance in May also warned about malicious activities from Chinese cyber espionage group Volt Typhoon targeting a wide range of networks across U.S. critical infrastructure. According to Microsoft, the group was building capabilities that could “disrupt critical communications infrastructure between the United States and Asia region during future crises,” and the organizations affected spanned the manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors.
The company also noted the risk for military facilities in Guam in the Western Pacific that are key in responding to conflicts in the Asia-Pacific region.
Commerce Secretary Gina Raimondo, whose own email account was among those compromised, said she challenged Chinese officials over the email hacking during her trip to China.
“I was very clear, direct, and firm in all of my conversations with my Chinese counterparts. I didn’t pull any punches. I didn’t sugarcoat anything, and no one is more realistic than I am about the challenges as it relates to the hack,” she told CNN’s State of the Union.
The operation “erodes trust,” according to Ms. Raimondo.
“I wanted to be clear with them that we aren’t foolish,” she said. “We aren’t close-eyed to the reality of what they’re trying to do.”
Ms. Raimondo said the Chinese officials had denied any knowledge of the incident and instead suggested that it wasn’t intentional.
“But I think it was important that I put it on the table and let them know ... that it’s hard to build trust when you have actions like that,” she said.