Chinese-based hackers gained access to the emails of at least one U.S. federal agency last month through a vulnerability in Microsoft email systems, the Biden administration confirmed Wednesday.
Zoom out: The hack comes weeks after a Russian-linked cybercriminal group also breached networks at U.S. agencies, and as tensions grow between the U.S. and China.
The Cybersecurity and Infrastructure Security Agency and the FBI put out a joint advisory Wednesday announcing that an unnamed federal agency first spotted the suspicious activity in mid-June after noticing Microsoft 365 audit logs were being accessed by licensed users in Exchange Online mailboxes through abnormal programs. The agency then reported the activity to Microsoft and CISA.
Details: The attackers pierced the agency’s systems and those of around two dozen other organizations by using forged authentication tokens in a breach first made public by Microsoft on Tuesday night. The Microsoft investigators identified the infiltrators as Storm-0558, a group that primarily uses espionage, credential access and data theft to target government agencies in Western Europe.
“Last month, U.S. government safeguards identified an intrusion in Microsoft’s cloud security, which affected unclassified systems,” White House National Security Council spokesperson Adam Hodge said in a statement Wednesday. “Officials immediately contacted Microsoft to find the source and ..
Support the originator by clicking the read the rest link below.
