Chinese Government Hackers Suspected in High-Impact Cyberattack on U.S. State Department
Chinese government hackers are suspected of conducting a sophisticated cyberattack on the U.S. State Department. (Photo: NBC News)
Chinese Government Hackers Strike Again: Targeting U.S. State Department’s Email System Raises Diplomatic Concerns
According to an article in The Messenger, suspected state-sponsored hackers believed to have ties to the Chinese government executed a highly sophisticated cyberattack, compromising the Microsoft email system of the U.S. State Department earlier this year. In a startling breach, the hackers infiltrated the accounts of ten State Department employees, pilfering approximately 60,000 emails. Beyond email theft, the attackers gained access to an extensive directory of State Department personnel and sensitive data, including travel plans and confidential discussions.
Notably, nine of the targeted individuals were primarily focused on East Asia and Pacific policy, with the tenth concentrating on European affairs, emphasizing their focus on Indo-Pacific diplomacy efforts. These revelations have highlighted the potentially grave diplomatic ramifications of this cyberattack. While Microsoft has attributed the attack to the Chinese government, the Biden administration has not yet publicly assigned blame.
The incident aligns with a pattern of aggressive Chinese cyberattacks aimed at gathering information on the foreign-policy objectives of geopolitical rivals, and it is suspected to have provided China with strategic insights in preparation for upcoming meetings with high-ranking Biden administration officials.
Chinese Government Hackers Showcase Unprecedented Technical Expertise in Multi-Agency Cyber Intrusion
According to BleepingComputer, the Chinese government hackers demonstrated a high level of technical prowess in executing the attack. They exploited a rare combination of events, infiltrating a Microsoft engineer’s computer and pilfering one of Microsoft’s heavily protected account-signing keys. Using the stolen key, they accessed victims’ accounts without triggering typical security alarms.
The intrusion went undetected until the State Department observed suspicious activity and subsequently alerted Microsoft. The scope of this cyber campaign extended beyond the State Department. In total, the hackers infiltrated the email systems of 25 Microsoft customers, which included two other federal agencies.
One of the affected agencies was the Commerce Department, where the hackers accessed the inbox of Commerce Secretary Gina Raimondo. The incident underscores the persistent and evolving threats posed by state-sponsored cyber espionage and the ongoing challenges in safeguarding sensitive government data.