Hackers linked to the Chinese communist government have exploited a Microsoft engineer's device to breach the inboxes of at least 10 ...
Hackers linked to the Chinese communist government have exploited a Microsoft engineer's device to breach the inboxes of at least 10 Department of State employees, stealing around 60,000 emails as part of a high-profile hack earlier this summer.
The hacking incident is already well known as it even impacted Commerce Secretary Gina Raimondo's emails. The additional information comes from a member of Republican Sen. Eric Schmitt of Missouri's staff, who attended a briefing by State Department IT officials who told lawmakers about the stolen 60,000 emails.
Government officials alleged that in July, Chinese state-backed hackers were able to breach the email accounts of around 25 organizations, including government agencies and officials back in May. The extent of the compromise remains unclear.
Nine of the staffers whose emails were stolen were working in the State Department's Bureau of East Asian and Pacific Affairs, and the 10th was working on European and Eurasian Affairs.
The latest revelation that most of the targets of the May hack were working on issues in East Asia and the Pacific region lends more credence to United States government allegations that the Chinese communist government in Beijing was behind the hack – an accusation that Chinese Communist Party officials have denied.
State Department Chief Information Officer Kelly Fletcher noted in her debrief that the hack focused on retrieving information on Indo-Pacific diplomatic efforts. Among the most sensitive information stolen were the travel itineraries and diplomatic deliberations of the 10 victims. Fletcher added that the hackers could have even viewed the Social Security numbers of the 10 individuals.
Emails breached through Microsoft vulnerability
The State Department officials further noted that the hackers were able to access the 10 accounts by compromising the device of a Microsoft engineer, allowing them to breach the 10 email accounts and giving them access to at least 15 other entities.
Microsoft earlier in September admitted that the July hack of senior State and Commerce Department officials stemmed from the compromise of a Microsoft engineer's corporate account. The new information provided by the State Department has refocused attention on the outsized role Microsoft plays in providing information technology services to the U.S. government.
"We need to harden our defenses against these types of cyberattacks and intrusions," said Schmitt. "We need to take a hard look at the federal government's reliance on a single vendor as a potential weak point."
Since discovering the hack, the State Department has begun moving to "hybrid" environments by contracting other vendor companies to provide I.T. services. Multi-factor authentication is also being used more widely as part of improved measures to protect the department's systems.
A State Department spokesperson also said in a statement that the agency takes seriously its responsibility to safeguard its information and continuously takes steps to ensure information is protected. "Like every large organization with a global presence, we closely monitor cybersecurity conditions," the spokesperson said.
No comments