The US State Department said Wednesday that recently detected irregular cyber activity on your network and immediately reported the fact to Microsoft, which said they were China-based hackers.
“Last month, the State Department detected anomalous activity (…) We did two things immediately: We took steps to secure our systems and to notify Microsoft of the event.”said State Department spokesman Matthew Miller during a press conference
Miller assured that the US government has not made public any attribution about who could be behind the cyber incident. However, the computer giant Microsoft said in a blog post that China-based hackers seeking intelligence breached email accounts. from various US government agencies.
“The threat author that Microsoft links to this incident is a China-based adversary that Microsoft calls Storm-0558″said the company, which launched an investigation into “abnormal mail activity” on June 16.
According to Microsoft, Storm-0558 gained access to email accounts of approximately 25 organizations, including government agencies. And pointed out that Storm-0558 “mainly targets Western European government agencies and focuses on espionagedata theft and access to credentials”.
In the post, Charlie Bell, Microsoft’s executive vice president, said, “We assess that this adversary is focused on espionage, how to gain access to email systems for the collection of intelligence data.
And he added that “this type of adversary motivated by espionage seeks to abuse credentials and gain access to data located on sensitive systems.
Microsoft maintained that what was determined so far in the investigation “revealed that as of May 15, 2023, Storm-0558 gained access to email accounts affecting approximately 25 organizations, including government agencies and related consumer accounts.