| Advertisement |
July 12 (UPI) -- Microsoft said it thwarted Chinese hackers who targeted customer email accounts at government agencies throughout Europe and the United States in a cyberattack. In a statement Tuesday, Microsoft said the attacks targeted about 25 agencies, including government agencies, as well as individuals associated with them through apparent cracks in Microsoft's security systems.
Advertisement
"Microsoft has completed mitigation of this attack for all customers," the company said in a statement, adding that "no customer action is required."
Microsoft placed blame on Storm-0558, which it described as "an adversary based in China" who was "focused on espionage."
Microsoft said its engineers detected the breach on June 16, but a preliminary investigation has since determined the trail of anomalous mail activity went back as far as May 15, when a Chinese-based hacker identified as Storm-0558 first gained access to Outlook email accounts.
"We have successfully blocked Storm-0558 from accessing customer email," the company said on Tuesday. "Microsoft has contacted all targeted or compromised organizations directly via their tenant admins and provided them with important information to help them investigate and respond."
The hackers used forged electronic authentication tokens to pull the data, Microsoft said, adding that "it only takes one successfully compromised account login to gain persistent access."
U.S. officials, meanwhile, said the data breach was still being investigated to determine its full scope.
"Last month, U.S, government safeguards identified an intrusion in Microsoft's cloud security, which affected unclassified systems," National Security Council spokesperson Adam Hodge told CNN. "Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service. We continue to hold the procurement providers of the U.S. Government to a high security threshold."
Microsoft notified its customers worldwide about the breach, as well as other big tech companies in an effort to boost awareness about increasing frequency of such attacks.
The digital break-in was the latest in a series of recent Chinese actions against IT systems throughout Western Europe, Microsoft said.
In its blog post, Microsoft said it was ramping up security measures in wake of the attack, while trying to reassure customers that their personal data was safe.
"The accountability starts right here at Microsoft," the statement said. "We remain steadfast in our commitment to keep our customers safe. We are continually self-evaluating, learning from incidents, and hardening our identity/access platforms to manage evolving risks around keys and tokens."
In May, Western intelligence agencies accused China of spying on critical U.S. infrastructure sectors as part of a worldwide surveillance campaign.
The latest breach also comes as the Biden administration has stepped up efforts to uproot Chinese telecommunications equipment worldwide amid increasing fears of espionage.
The government was also working with global partners to stop emerging technologies from floating freely to China as Washington was increasingly wary that Beijing could use the advances to enhance its war capabilities amid growing tensions in Asia.
Earlier this year President Joe Biden banned federal employees from using TikTok on government devices, citing national security concerns as the app was owned by the Chinese company ByteDance. The popular app has also been banned on government devices in dozens of U.S. states.
Hacking fears have also reached a groundswell on Capitol Hill as several lawmakers have introduced bills that would limit Chinese technology in the U.S.
