Current:Home > ContactMicrosoft says Chinese hackers breached email, including U.S. government agencies -Blueprint Wealth Network
Microsoft says Chinese hackers breached email, including U.S. government agencies
View
Date:2025-04-17 14:15:26
Tech giant Microsoft disclosed on Tuesday evening that it discovered a group of Chinese hackers had broken into some of its customers' email systems to gather intelligence.
The company began investigating unusual activity within a few weeks of the initial attack, though the culprits were able to repeatedly manipulate credentials to access accounts.
According to the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, one federal government agency first detected unusual activity on its Microsoft 365 email cloud environment last month, and immediately reported the activity to Microsoft and CISA.
CISA did not identify the government agency in question in a blog post published on Wednesday concerning the breach.
However, a State Department spokesperson said later on Wednesday that the department "detected anomalous activity" and "took immediate steps to secure our systems," suggesting it may have been the agency to first alert Microsoft to the problem. The State Department declined to comment further on its cybersecurity incident response, which "remains under active investigation," according to the spokesperson.
The hackers, which Microsoft identified as China-based actors from a group it calls Storm-0558, were able to break in and steal some data from the accounts, according to CISA's blog post. However, the data that was taken was unclassified, according to CISA.
It's unclear how many U.S. government agencies were targets, and what exactly was stolen. However, Microsoft says the attack is now contained.
The breach reveals the ongoing challenge of keeping sophisticated actors out of systems. Microsoft describes the hackers as "well-resourced" and "focused on espionage."
However, this is not the first time Microsoft has been the target of this kind of breach. The U.S. government is putting pressure on companies to hold high security standards.
"Last month, U.S. government safeguards identified an intrusion in Microsoft's cloud security, which affected unclassified systems. Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service," wrote Adam Hodge, the acting senior director for press at the White House's National Security Council, in a statement. "We continue to hold the procurement providers of the U.S. Government to a high security threshold."
The spy game
These kinds of hacks are, unfortunately, a common part of the spy game — a game of breaches and patches, protection and response between the U.S. and its adversaries.
The goal is to limit the number of vulnerabilities available for adversaries to exploit, as well as the time hackers are able to lurk inside systems without being detected. Additionally, it's especially important for agencies to protect more sensitive information outside of online email systems. That goes especially for organizations that are attractive targets to spies, from U.S. government agencies to critical infrastructure companies, defense contractors and others.
In this case, CISA confirms that it is Microsoft's responsibility to patch the vulnerability and enhance security for authentication procedures, to prevent hackers from mimicking authorized users.
Even so, CISA advises organizations to be on high alert for suspicious activity, given the recent breach. In an advisory, the agency outlines procedures for enhanced monitoring and logging as well as how to contact Microsoft if suspicious activity is detected.
"Critical infrastructure organizations are strongly urged to implement the logging recommendations in this advisory to enhance their cybersecurity posture and position themselves to detect similar malicious activity," wrote CISA.
Asma Khalid contributed to this story.
veryGood! (574)
Related
- Could your smelly farts help science?
- A local Arizona elections chief who quit in a ballot counting dispute just got a top state job
- Is Jason Momoa Irish? 'Aquaman' actor stars in Guinness ad ahead of St. Patrick's Day
- Prosecutors seek from 40 to 50 years in prison for Sam Bankman-Fried for cryptocurrency fraud
- Chuck Scarborough signs off: Hoda Kotb, Al Roker tribute legendary New York anchor
- Judge appoints special master to oversee California federal women’s prison after rampant abuse
- Supreme Court lays out new test for determining when public officials can be sued for blocking users on social media
- Macaulay Culkin and Brenda Song Step Out for Rare Red Carpet Date Night
- Selena Gomez's "Weird Uncles" Steve Martin and Martin Short React to Her Engagement
- Bracketology: Fight for last No. 1 seed down to Tennessee, North Carolina, Arizona
Ranking
- Realtor group picks top 10 housing hot spots for 2025: Did your city make the list?
- In a first, Vice President Harris visits Minnesota abortion clinic to blast ‘immoral’ restrictions
- Identity of massive $1.765 billion Powerball jackpot winners revealed in California
- Nate Oats' extension with Alabama will make him one of college basketball's highest-paid coaches
- This was the average Social Security benefit in 2004, and here's what it is now
- Bradley Cooper and Gigi Hadid Seal Their Romance With a Kiss in New PDA Photo
- 'Billy Bob' the senior dog has been at Ohio animal shelter for nearly 3 years
- Host, radio station apologize for 'offensive' quip about South Carolina star Kamilla Cardoso
Recommendation
John Galliano out at Maison Margiela, capping year of fashion designer musical chairs
Is Jason Momoa Irish? 'Aquaman' actor stars in Guinness ad ahead of St. Patrick's Day
David Viviano, a conservative Michigan Supreme Court justice, won’t seek reelection
Meet the underdogs who overcame significant obstacles to become one of the world's top dog-sledding teams
Federal Spending Freeze Could Have Widespread Impact on Environment, Emergency Management
Shakira Says She Put Her Career on Hold for Ex Gerard Piqué Before Breakup
Blake Lively Seemingly Trolls Kate Middleton Over Photoshop Fail
Internet gambling revenue continues to soar in New Jersey. In-person revenue? Not so much.