A group of suspected Chinese hackers exploited vulnerabilities in Microsoft’s cloud-based email service to breach government email systems in the United States and Western Europe, Microsoft said on Tuesday.
The hackers, whom Microsoft has dubbed Storm Cloud 0558, targeted specific email accounts at government agencies and other organizations. They gained access to the accounts by forging authentication tokens, which are used to verify the identity of users.
Microsoft said that the breach affected about 25 organizations, including government agencies in the United States, the United Kingdom, and Germany. The company said that it had notified the affected organizations and that it had taken steps to mitigate the breach.
“Last month, U.S. government safeguards identified an intrusion in Microsoft’s cloud security, which affected unclassified systems. Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service,” said Adam Hodge, spokesman for the White House National Security Council. He added, “We continue to hold the procurement providers of the U.S. government to a high security threshold.”
The hackers are believed to be affiliated with the Chinese government. Microsoft said that the attack was “highly targeted” and that the hackers were “likely seeking sensitive information.”
Microsoft has confirmed that the hackers took advantage of a security weakness in its cloud-computing environment. “The hackers broke into email accounts at about 25 organizations and hit consumer accounts that were likely linked to these entities,” Microsoft said in a statement. The company has since mitigated the security weakness and is working with the impacted customers.
The breach is the latest in a series of cyberattacks that have targeted government agencies and other organizations in the United States and Western Europe. In recent years, there have been a number of high-profile cyberattacks that have been attributed to China, including the SolarWinds hack and the Microsoft Exchange hack.
The Biden administration has accused China of carrying out a “whole-of-government” campaign of cyberattacks against the United States. The administration has said that it is taking steps to deter China from carrying out further cyberattacks.