GG News Bureau
WASHINGTON DC, 29th Sept. a Senate Staff member on Thursday told media that thousands of emails were stolen from US State Department accounts by Chinese hackers who exploited Microsoft’s email system…
The staff member was present at an the briefing of State Department IT personnel, claimed the officials informed senators that 60,000 emails had been stolen from 10 separate State Department accounts.
The victims were not identified he added that all but one were engaged in work related to East Asia and the Pacific.
According to US officials and Microsoft the email accounts at 25 institutions, including the US Commerce and State Departments have been compromised. The scope of the compromise is still unknown.
The relations between Beijing and Washington are fragile relationship between has worsened by US accusations that China was responsible for the breach. Beijing has refuted the accusations.
According to the State Department employees whose accounts were compromised mainly worked on Indo-Pacific diplomatic initiatives, and the hackers also got their hands on a list of all departments correspondence.
The massive attack has brought back into focus Microsoft’s disproportionate contribution to the US government’s IT needs.
According to the officials at the briefing, the State Department has started transitioning to “hybrid” settings with numerous vendor businesses and boosted acceptance of multi-factor authentication as part of attempts to defend its systems.
In a State Department briefing, the hackers compromised a Microsoft engineer’s device, which allowed them to breach the State Department’s email accounts.
Microsoft said that a hack of senior officials at the US State and Commerce Departments stemmed from the compromise of a Microsoft engineer’s corporate account. “We need to harden our defences against these types of cyberattacks and intrusions,” Schmitt said in a statement shared by the staffer in an email to the media
“We need to take a hard look at the federal government’s reliance on a single vendor as a potential weak point,” he said.
A Microsoft spokesman did not have an immediate comment on the Senate briefing.
The company has faced criticism over its security practices since the breaches, has said that the hacking group behind them – dubbed Storm-0558 – had broken into webmail accounts running on the firm’s Outlook service.