Chinese Hackers Have Been Reading US Government Emails

The US State Department has used a sophisticated alert system to discover an advanced Chinese spying campaign that involved breaches of officials’ emails. The suspected Chinese hackers, who forged Microsoft customer identities to read the emails of State Department employees, also obtained the personal and political emails of a member of the House Armed Services Committee.

This recent Chinese-linked hack of US government emails was first detected in June and might have gone unnoticed for much longer had it not been for an enterprising government IT analyst.

A State Department cyber security expert spearheaded an effort to implant a custom warning mechanism into the agency’s network more than two years ago in anticipation of future hacks, the officials said, shedding new light on how they spotted the breach. The tripwire-like alert went off almost immediately when Chinese spies targeted the agency’s Microsoft email systems in mid-June, enabling the agency to tip off Microsoft and the rest of the US government to the sophisticated spying campaign. 

The hack, which Microsoft disclosed in July, still compromised the unclassified emails of top officials at the State and Commerce Departments, including Commerce Secretary Gina Raimondo and Nicholas Burns, the US ambassador to China.

The disclosure from the State Department underscores both how federal agencies are adapting to beat back increasingly sophisticated cyber threats, and how easily the Chinese hackers might have gotten away with their exploits.

The State Department was the first to report the activity to the US government and to Microsoft. The firm has said the hackers used a powerful digital key they stole via a cascade of internal security mishaps to breach more than two dozen organisations globally, and at least 10 within the US, none of which spotted the intrusion until the State Department did.

The hack has drawn heavy criticism of Microsoft from lawmakers, government cyber security officials and the security industry, because only customers who had purchased an enhanced security license, known as E5, had access to the type of forensic trail necessary to determine whether a hack had taken place.

Several victims in addition to the Commerce Department have acknowledged they were affected, including personnel at the State Department and US House of Representatives. The intrusion activity began in May. In August, the Google-owned cyber security firm Mandiant announced that suspected state-backed Chinese hackers had broken into the networks of hundreds of public and private sector organisations globally, exploiting a vulnerability in a popular email security tool.

A Chinese foreign ministry spokesman called the US accusation of hacking “disinformation” aimed at diverting attention from US cyber espionage against China. “No matter which agency issued this information, it will never change the fact that the United States is the world’s largest hacker empire conducting the most cyber theft.”

Indeed, it is widely acknowledged that US intelligence agencies also use hacking as a critical espionage tool, which is not a violation of international law.

Sources: Politico; Washington Post; NYT; @DonBacon; Reuters; ABC
