U.S. government agencies and Microsoft have confirmed a major cyber intrusion, reportedly linked to Chinese state-sponsored hackers. The breach, which began in May, targeted approximately 25 organizations.

The targets include Microsoft’s infrastructure and at least two federal agencies.

Jake Sullivan, the White House national security adviser, indicated that the breach was detected swiftly.

Speaking on ABC’s “Good Morning America,” Sullivan highlighted the rapid response, which curtailed further incursions. Among the infiltrated entities were the U.S. State and Commerce Departments, both of which confirmed that they were victims.

Hack Details Unfolded

U.S. officials stated that the email accounts of Gina Raimondo, Secretary of Commerce, were compromised. Accounts of various State Department officials were also breached. Notably, Raimondo is the sole confirmed Cabinet-level official affected in this incident.

Comparing this recent breach to the SolarWinds compromise, a senior U.S. official emphasized the narrower scope of this intrusion. The official, however, refrained from commenting on Microsoft’s attribution of the hack to China.

In its statement, Microsoft revealed the identification of the hacking group, dubbed Storm-0558.

The group exploited forged digital authentication tokens to infiltrate Outlook webmail accounts. Microsoft asserted that these attacks have been ongoing since May.

The tech giant has proactively reached out to all the targeted or compromised organizations.

The company has provided crucial details to these entities, assisting them in their own investigations and responses. Although Microsoft didn’t disclose the identities of the affected parties, it hinted that the hacking group primarily targets Western European entities.

The Responses

In response to the accusations, the Chinese embassy in London dismissed them as “disinformation.” The embassy went on, dubiously, to dub the U.S. government “the world’s biggest hacking empire and global cyber thief.”

It’s noteworthy that China typically denies involvement in cyber hacking activities, irrespective of the evidence or context.

Adam Hodge, White House National Security Council spokesman, stated that Microsoft’s cloud security was breached, impacting “unclassified systems.” U.S. officials promptly liaised with Microsoft to identify the vulnerability in the cloud service.

Both the State and Commerce Departments took swift protective measures after detecting the unusual activity.

Their response was triggered by Microsoft’s notification of a security compromise. John Hultquist, the chief analyst for U.S. cybersecurity firm Mandiant, highlighted the increasing sophistication of Chinese cyber espionage.

“Chinese cyber espionage has come a long way from the smash-and-grab tactics many of us are familiar with.” (John Hultquist)

The disclosure of these recent cyber attacks underlines the ever-evolving nature of cyber threats and the continued enhancement of China’s cyber capabilities.

The incident further points to the need for strengthened cyber defense and greater international cooperation against state-sponsored cyber attacks.