Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    The Limits of AI Quantization

    December 24, 2024

    Elon Musk’s xAI Raises $6 Billion to Propel AI Innovations

    December 24, 2024

    Google Proposes Unbundling Android Apps to Address Antitrust Concerns

    December 24, 2024
    Facebook X (Twitter) Instagram
    Tech News Mart
    • News
    • Gadgets
    • How to
    • AI
    • Reviews
    • Gaming
    • Throwback
    Facebook Instagram YouTube
    Tech News Mart
    Home » Chinese Hackers Breach US Government Emails via Microsoft Cloud Exploit

    Chinese Hackers Breach US Government Emails via Microsoft Cloud Exploit

    akshay rahalkarBy akshay rahalkarJuly 18, 2023No Comments3 Mins Read News
    Share
    Facebook Twitter LinkedIn Pinterest Email

    The digital age has ushered in remarkable advancements, but it has also exposed our vulnerabilities to cyber threats. Recently, a concerning incident unfolded when Chinese hackers exploited a vulnerability in Microsoft Cloud services to breach US government email systems. This security breach highlights the need for heightened cybersecurity measures and collaborative efforts between governments and technology providers to safeguard sensitive data and protect critical infrastructure.

    In early 2023, cybersecurity experts discovered that Chinese state-sponsored hackers successfully targeted Microsoft’s cloud-based services. By exploiting a zero-day vulnerability, the hackers gained unauthorized access to numerous US government email accounts. The scale and audacity of the attack underscored the sophistication and persistence of modern cyber adversaries.

    A hacking group known as Storm-0558 has successfully hacked around 25 email accounts, including those of government agencies and individuals associated with them, according to Microsoft. Storm-0558 is a new and emerging group that Microsoft is actively tracking.

    Although Microsoft has not disclosed the specific government agencies that were targeted, a spokesperson for the White House’s National Security Council confirmed that U.S. government agencies were indeed affected by the breach.

    The State Department was one of the federal agencies that fell victim to the attack, and they alerted Microsoft about the breach.Through their investigation, Microsoft discovered that Storm-0558, a well-resourced group based in China, gained access to email accounts by using Outlook Web Access in Exchange Online (OWA) and Outlook.com. They achieved this by forging authentication tokens and exploiting a vulnerability in token validation to impersonate Azure AD users and gain access to enterprise email accounts.

    This breach has raised concerns about the security of cloud services and highlights the need for heightened security measures to protect sensitive information. The U.S. government is committed to holding its procurement providers to high security standards to prevent similar incidents in the future.

    Microsoft recently revealed that a malicious actor, known as Storm-0885, had been carrying out covert activities for around a month before customers brought it to their attention. Charlie Bell, Microsoft’s top cybersecurity executive, stated that the adversary’s focus seemed to be on espionage and gaining unauthorized access to email systems for intelligence gathering. Microsoft managed to mitigate the attack and revoke Storm-0558’s access to compromised accounts. However, it remains unclear if any sensitive data was stolen during the attackers’ month-long access.

    The Cybersecurity and Infrastructure Security Agency (CISA) noted that the attackers had accessed unclassified email data, while a senior FBI official described the intrusion as a targeted campaign that affected a few government agencies, refraining from naming them. CISA also confirmed that a limited amount of Exchange Online data had been exfiltrated by a government-backed actor, though the U.S. government has yet to attribute the attack to China or any specific entity.

    In light of these events, both CISA and the FBI are urging organizations to report any unusual activity detected within Microsoft 365 to their respective agencies.

    Related Posts

    Elon Musk’s xAI Raises $6 Billion to Propel AI Innovations

    December 24, 2024

    Google Proposes Unbundling Android Apps to Address Antitrust Concerns

    December 24, 2024

    OpenAI Unveils o3 Models: A Leap Toward AGI?

    December 21, 2024
    Leave A Reply Cancel Reply

    Categories
    • AI
    • Gadgets
    • Gaming
    • General
    • How to
    • News
    • Reviews
    • Throwback
    • What If
    Archives
    • December 2024
    • November 2024
    • October 2024
    • September 2024
    • October 2023
    • September 2023
    • August 2023
    • July 2023
    • June 2023
    • April 2023
    • March 2021
    Contact Us

    [email protected]

    Facebook X (Twitter) Instagram Telegram
    Categories
    • AI
    • Gadgets
    • Gaming
    • General
    • How to
    • News
    • Reviews
    • Throwback
    • What If

    Type above and press Enter to search. Press Esc to cancel.

    Go to mobile version