Posted on July 13, 2023 at 4:54 AM

Chinese Hackers Target Microsoft To Compromise Top US Officials

Chinese hackers have targeted several key officials in the US government. These hackers gained access to the email accounts of the Commerce Secretary, Gina Raimondo, and other State and Commerce Department officials. The hacks happened before the Secretary of State, Anthony Blinken, traveled to China.

Chinese hackers targeted several US officials

A probe conducted into the hacking exploits made by these Chinese hackers is still underway, according to the New York Times. However, US officials do not believe that the hackers gained access to sensitive information. These officials have also insisted that the breach did not affect the classified email or cloud systems.

As aforementioned, one of the targeted officials is the Commerce Secretary. Raimondo has been one of the most vocal critics of Beijing. This official has tightened the export controls in China and threatened to cut off the supply of US semiconductor technology in China if it supplies these chips to Russia.

The officials said that the preliminary investigations conducted on the matter show that she was the only top official that was successfully targeted by the hackers. The threat actors also failed to obtain access to the emails within Blinken’s Microsoft 365 account despite having access to the email boxes of other officials in the State Department.

Several officials have revealed that this hacking campaign is aimed at individual accounts and not large-scale data exfiltration. Chinese hackers have previously been suspected of being behind the theft of personal data.

Microsoft has already admitted to the breach that affected its customers. The tech giant noted that this breach commenced in May. The State Department detected the breach on June 16 and alerted Microsoft about it.

The State Department said that after this breach had been reported to Microsoft, the tech giant uncovered that the threat actors were also behind hacking campaigns targeting 25 organizations, including government institutions.

One official from the Cybersecurity and Infrastructure Security Agency said that some of the organizations that were targeted by these Chinese hackers were located in overseas locations. Moreover, the number of organizations across the US that were affected by this breach appeared to be minimal.

According to US officials, these targets appeared to be targeting a few email accounts belonging to every organization instead of conducting a full-blown hacking campaign. However, none of the officials from the US or Microsoft have mentioned the actual number of accounts that were affected.

According to US officials, Microsoft usually charges organizations extra fees for having regular access to the logs. Some of the institutions that were affected by this breach did not have this access, and therefore, they could not detect this intrusion.

Officials in the United States have been advocating for Microsoft to offer access logs to all organizations that have a computing contract with the tech company to help understand the extent of the breach and potentially sensitive information that might have been accessed by the hackers.

China and the US are mending bilateral ties

The breach happened at a time when China and the US have been looking to mend their bilateral ties. Blinked was the first US Secretary of State to visit Beijing in five years. The recent visit was critical for both China and the US as the two countries focused on resolving the deteriorating relations.

Blinken’s visit was followed by that of Treasury Secretary Janet Yellen. The US special envoy for Climate, John Kerry, is also planning to visit China on Sunday where he will participate in four days of discussions.

The Chinese President, Xi Jinping, and the US President, Joe Biden, met in Bali last year to improve the relations between the two countries. However, the tensions escalated again earlier this year after the US shot down a suspected Chinese spy balloon. Blinked has also previously accused China of sending military aid to Russia in the ongoing Ukraine war.

In the recent case of hacks targeting the State Department, the US government has not issued a formal statement to attribute the attack to state-sponsored hackers in Beijing. This could be attributed to the Biden administration maintaining its talks with Beijing. However, Microsoft has said that the hack appears to originate from China.

The US and China have been at an intense rate of gathering intelligence from each other. The governments of the two countries have been racing to expand the intelligence that has been gathered from officials. The State Department noted that it was still conducting robust investigations on what had happened to understand the root cause.