Suspected Chinese Hackers Behind Microsoft Cloud Breach Hacked US Rep Emails

Posted on August 19, 2023 at 6:26 PM


Suspected Chinese threat actor groups behind a breach of the State Department also hacked the emails of US Representative Don Bacon. The Republican representative from Nebraska serves on the House Armed Services Committee.

Chinese hackers hack GOP Congressman

Chinese hackers are believed to be behind a campaign that forged Microsoft customer identities. The hacking campaign infiltrated the emails of employees at the State Department. During this campaign, the hackers also infiltrated the personal and political emails of Rep Bacon.

Bacon has already confirmed the hack on X, formerly Twitter. He said that the Federal Bureau of Investigation (FBI) notified him of it. The FBI told him that his emails were infiltrated by Chinese spies who leveraged an error by Microsoft for one month between mid-May and mid-June this year.

The timeline noted by the FBI aligns with when the other breaches against the State Department happened. According to Bacon, the hacking campaign has strengthened his resolve to assist Taiwan. He noted that he would continue working extended hours to ensure that Taiwan obtains the billions of dollars in US weaponry it requested.

A report by the Washington Post noted that Bacon had admitted to being a major champion for Taiwan, adding that he had nothing to be ashamed of in the stolen emails. “I’m a big proponent for Taiwan. I suspect they’d like info to embarrass me or to undercut me politically. As I told FBI, I have nothing to be embarrassed about,” Bacon said.

Hacking campaign against the US State Department

According to reports, the hacking campaign between May and June against the State Department claimed several victims. The victims included Commerce Secretary Gina Raimondo, some State Department employees, think tanks, and a human rights advocate.

Bacon noted that he was informed on Monday about the hack of his personal and professional emails. As such, the FBI and other agencies are probably still investigating the extent of the hacking campaign, and more victims could be reported as the investigation results unfold.

The hacking campaign happened amid growing tensions between the US and China. The campaign is described as traditional espionage, where the objective of the threat actors is to access and steal information from the victim.

The tensions between China and the US escalated over a debate about the autonomy of the island of Taiwan. China claims Taiwan, but the US has opposed the claims and instead offered to support Taiwan. The tensions between the two countries cooled down with the visit of the US Treasury Secretary, Janet Yellen, and the US Secretary of State, Antony Blinken, to China.

The breach of Microsoft has also raised concerns from experts over the tactics that the tech giant and the government might have employed to avoid it. The targeted State Department relies exclusively on Microsoft for authentication, cloud, and email services.

Microsoft released a statement saying that the hackers behind this campaign secured access to powerful signing keys needed to create verified customer identities and bypass multifactor authentication. The campaign might have exposed millions of people.

Officials from the State Department have also said that only a few entities were impersonated in this hacking attack. The State Department said that it detected suspicious activity in the logs. Microsoft later searched its logs for the master key that had been stolen by the hacker and blocked future access to the logs.

Some members of Congress have also raised concerns about this hack. These members have urged federal agencies to provide details about the plans they intend to use to deal with similar attacks in the future. They have also encouraged Microsoft to make logs readily available, with the tech giant agreeing to do so.

Senator Ron Wyden (D-Ore.) has further urged the Department of Justice and the Federal Trade Commission to probe whether the security practices employed by Microsoft were poor and violated the law. The Senator wants the agencies to determine whether Microsoft needs better security measures after the breach.

The Senator has also recommended that the Department of Homeland Security use the Cyber Safety Review Board to probe the breach of Microsoft Cloud. The board has already taken up the mandate to investigate the attack and is collaborating with the FBI.

Publisher Name
Koddos