Microsoft: Chinese group hacked government email accounts

China-based hackers have accessed email accounts of several organisations, including some US and Western European government agencies

Microsoft: Chinese group hacked government email accounts (photo: DW)
Microsoft: Chinese group hacked government email accounts (photo: DW)
user

DW

Chinese state-linked hackers have secretly accessed email accounts at about 25 organisations, including government agencies, Microsoft said on Wednesday. 

Microsoft did not say which organisations or governments had been affected, but added that the hacking group primarily targets entities in Western Europe.

"Microsoft has contacted all targeted or compromised organisations directly via their tenant admins and provided them with important information to help them investigate and respond," the statement on the company's website said. 

What we know about the hack

Microsoft said the group, which it identified as Storm-0558, forged digital authentication tokens to access webmail accounts running on the firm's Outlook service. 

It is reported that the activity began in May. However, the breach was detected weeks later when customers complained to Microsoft about abnormal mail activity.

Citing a statement from US officials, the Washington Post reported that Storm-0558 also breached unclassified email accounts linked to the US government.

The US had detected the breach of federal government accounts "fairly rapidly" and had managed to prevent further breaches, White House national security adviser Jake Sullivan said in an interview with ABC television. 


China denies US accusations

China called the Microsoft report  "disinformation," saying that the accusation was meant to divert attention from US cyber activities.

"No matter which agency issued this information, it will never change the fact that the United States is the world's largest hacker empire conducting the most cyber theft," Chinese foreign ministry spokesperson Wang Wenbin said during his routine briefing. 

"Since last year, the cybersecurity organisations of China and other countries have issued many reports exposing cyberattacks on China by the US Government over a long period of time, but the US has not made a response so far," he further added. 

Last month, Google-owned cybersecurity firm Mandiant said it suspected state-backed Chinese hackers of having broken into the networks of hundreds of public and private sector organisations globally by using a security hole in a popular email security tool.

Earlier this year, Microsoft said state-backed Chinese hackers were targeting US critical infrastructure.

It added that China could be laying the technical groundwork to disrupt critical communications between the US and Asia during future crises. 

Follow us on: Facebook, Twitter, Google News, Instagram 

Join our official telegram channel (@nationalherald) and stay updated with the latest headlines