China-US: Chinese hackers breach US Commerce Minister’s email; Blinken warns Chinese counterpart
A case has come to light of a group of Chinese hackers breaking into the emails of officials of the US Ministry of Commerce. US Commerce Secretary Gina Raimondo was among a group of senior US officials whose emails were hacked by a group earlier this year. Microsoft says about the group that it is based in China. A person familiar with the matter told that cases of digital piracy are continuously coming to the fore.
Secretary of State Antony Blinken warned Chinese Foreign Minister Wang Yi at a meeting in Jakarta on Thursday that any actions targeting the US government, US companies or American citizens are of deep concern to us and we will take appropriate action to hold those responsible accountable.
Microsoft disclosed on Tuesday that a Chinese hacking operation had exploited a secret flaw in a part of the company’s authentication software to break into email accounts belonging to 25 unknown organizations. Since this news broke, several victims other than the Commerce Department have acknowledged that they have been affected, including personnel at the State Department and the US House of Representatives. The infiltration activity started in May and continued for about a month.
The Chinese Foreign Ministry, in a statement to the media earlier this week, dismissed the allegations as “disinformation”. Raimondo’s ministry has implemented a series of export control policies against China, curbing the transfer of semiconductors and other sensitive technologies. A Commerce Department spokeswoman said Wednesday that Microsoft notified the agency “of an agreement with Microsoft’s Office 365 system and the department took immediate action to respond.” declined to comment on the intrusion.
Let us tell you that in March this year, a report by the US Inspector General’s Office sharply criticized the Department of Commerce’s fundamental shortcomings in the Cyber Security Incident Response Program. The report said the Commerce Department violated security protocols, did not properly use cyber-security tools and did not handle simulated cyber attacks well.
A senior FBI official said on Wednesday that no confidential information was stolen during the hacking operation. The hacking was highly targeted, they only accessed email inboxes and the data was not destroyed.
