A group of China-based hackers breached email accounts at U.S. government departments, Microsoft said.
The breach, which exploited a security flaw in the software giant’s cloud, targeted 25 organizations including the emails of the U.S. commerce secretary, according to reports.
We’ve compiled insights you should read on the hack and why it matters.
- U.S. Secretary of Commerce Gina Raimondo is a “particularly important target” for Beijing given her department’s role in the export controls on Chinese businesses, said Emily Kilcrease, senior fellow at the Center for a New American Security. The rules have launched something of a proxy war between Washington and Beijing, and it’s possible that China is trying to understand Raimondo’s personal views on the situation. — The Washington Post
- There will be outrage about China’s ability to infiltrate the emails of a top U.S. official, but the reality is that “this is what governments do,” New York Times columnist Nicholas Kristof tweeted. “We would hack into emails of the Chinese commerce secretary if we could.”
- This isn’t the first time that hackers from China have exploited holes in Microsoft’s security. In June, alleged state-backed hackers infiltrated the networks of hundreds of organizations around the world, and nearly a third of those were foreign ministries and other government agencies. The U.S. has said in the past that China represents its largest cyber security threat. — The Associated Press
Cyberspies accessed the emails for about a month before the breach was discovered, The Washington Post reported. The issue was discovered around the time that U.S. Secretary of State Antony Blinken traveled to Beijing.
A spokesperson for the National Security Council told the Post that officials contacted Microsoft “to find the source and vulnerability in their cloud service. We continue to hold the procurement providers of the U.S. government to a high security threshold.”
Wang Wenbin, a spokesperson for China’s Ministry of Foreign Affairs, said Wednesday that the U.S. is “the world’s biggest hacking empire and global cyber thief.” She added that cybersecurity institutions in China “have issued reports to reveal U.S. government’s cyberattacks against China over the years, but the U.S. has yet to make a response.”