"They did this by using forged authentication tokens to access user email using an acquired Microsoft account consumer signing key," the company said. "Microsoft has completed mitigation of this attack for all customers." "Over the next few weeks, our investigation revealed that beginning on May 15, 2023, Storm-0558 gained access to email accounts affecting approximately 25 organizations including government agencies as well as related consumer accounts. The Redmond, Washington-based company said it had launched an investigation into "anomalous mail activity" on June 16. Microsoft said Storm-0558 "primarily targets government agencies in Western Europe and focuses on espionage, data theft, and credential access." "The matter is still being investigated, so I have to leave it there because we're gathering further information in consultation with Microsoft and we will continue to apprise the public as we learn more," Sullivan said. "We were able to prevent further breaches," Sullivan said. US National Security Adviser Jake Sullivan addressed the hack in an appearance on Wednesday on ABC's Good Morning America, and said it had been detected "fairly rapidly." "This type of espionage-motivated adversary seeks to abuse credentials and gain access to data residing in sensitive systems," Bell said. In the blog post, Charlie Bell, a Microsoft executive vice president, said "we assess this adversary is focused on espionage, such as gaining access to email systems for intelligence collection.
Raimondo's agency has angered China by imposing tough export controls on Chinese technologies.ĬNN, citing sources familiar with the investigation, said the Chinese hackers targeted a small number of federal agencies and the email accounts of specific officials at each agency. "As a matter of cybersecurity policy, we do not discuss details of our response and the incident remains under investigation," the spokesperson said.Īccording to The Washington Post, the breached email accounts were unclassified and "Pentagon, intelligence community and military email accounts did not appear to be affected."īut the paper reported Wednesday evening, quoting US officials, that State Department email accounts and that of Commerce Secretary Gina Raimondo were hacked. Microsoft did not identify the targets but a US State Department spokesperson said the department had "detected anomalous activity" and had taken "immediate steps to secure our systems." Microsoft said Storm-0558 gained access to email accounts at approximately 25 organizations including government agencies. "The threat actor Microsoft links to this incident is an adversary based in China that Microsoft calls Storm-0558," the company said in a blog post late Tuesday. Chinese-based hackers seeking intelligence information breached the email accounts of a number of US government agencies, computer giant Microsoft said.
0 kommentar(er)
