Microsoft: Chinese Hackers Breached US Govt Email Accounts

FILE PHOTO: Microsoft logo is seen on a smartphone placed on displayed Activision Blizzard logo in this illustration taken January 18, 2022. REUTERS/Dado Ruvic/Illustration/File Photo
FILE PHOTO: Microsoft logo is seen on a smartphone placed on displayed Activision Blizzard logo in this illustration taken January 18, 2022. REUTERS/Dado Ruvic/Illustration/File Photo
TT
20

Microsoft: Chinese Hackers Breached US Govt Email Accounts

FILE PHOTO: Microsoft logo is seen on a smartphone placed on displayed Activision Blizzard logo in this illustration taken January 18, 2022. REUTERS/Dado Ruvic/Illustration/File Photo
FILE PHOTO: Microsoft logo is seen on a smartphone placed on displayed Activision Blizzard logo in this illustration taken January 18, 2022. REUTERS/Dado Ruvic/Illustration/File Photo

Chinese-based hackers seeking intelligence information breached the email accounts of a number of US government agencies, computer giant Microsoft said.

"The threat actor Microsoft links to this incident is an adversary based in China that Microsoft calls Storm-0558," the company said in a blog post late Tuesday.

Microsoft said Storm-0558 gained access to email accounts at approximately 25 organizations including government agencies, AFP said.

Microsoft did not identify the targets but a US State Department spokesperson said the department had "detected anomalous activity" and had taken "immediate steps to secure our systems."

"As a matter of cybersecurity policy, we do not discuss details of our response and the incident remains under investigation," the spokesperson said.

According to The Washington Post, the breached email accounts were unclassified and "Pentagon, intelligence community and military email accounts did not appear to be affected."

But the paper reported Wednesday evening, quoting US officials, that State Department email accounts and that of Commerce Secretary Gina Raimondo were hacked. Raimondo's agency has angered China by imposing tough export controls on Chinese technologies.

CNN, citing sources familiar with the investigation, said the Chinese hackers targeted a small number of federal agencies and the email accounts of specific officials at each agency.

In the blog post, Charlie Bell, a Microsoft executive vice president, said "we assess this adversary is focused on espionage, such as gaining access to email systems for intelligence collection.

"This type of espionage-motivated adversary seeks to abuse credentials and gain access to data residing in sensitive systems," Bell said.

US National Security Adviser Jake Sullivan addressed the hack in an appearance on Wednesday on ABC's Good Morning America, and said it had been detected "fairly rapidly."

"We were able to prevent further breaches," Sullivan said.

"The matter is still being investigated, so I have to leave it there because we're gathering further information in consultation with Microsoft and we will continue to apprise the public as we learn more," Sullivan said.

Espionage and data theft
Microsoft said Storm-0558 "primarily targets government agencies in Western Europe and focuses on espionage, data theft, and credential access."

The Redmond, Washington-based company said it had launched an investigation into "anomalous mail activity" on June 16.

"Over the next few weeks, our investigation revealed that beginning on May 15, 2023, Storm-0558 gained access to email accounts affecting approximately 25 organizations including government agencies as well as related consumer accounts.

"They did this by using forged authentication tokens to access user email using an acquired Microsoft account consumer signing key," the company said. "Microsoft has completed mitigation of this attack for all customers."

US Senator Mark Warner, chairman of the Senate Select Committee on Intelligence, said the panel is "closely monitoring what appears to be a significant cybersecurity breach by Chinese intelligence."

"It's clear that the PRC is steadily improving its cyber collection capabilities directed against the US and our allies," Warner said in a statement.

Disclosure of the Chinese hacking comes on the heels of trips to China by US Secretary of State Antony Blinken and Treasury Secretary Janet Yellen and the shooting down by the United States of a Chinese surveillance balloon.

In May, Microsoft said state-sponsored Chinese hackers called "Volt Typhoon" had infiltrated critical US infrastructure networks.

Microsoft highlighted Guam, a US territory in the Pacific Ocean with a vital military outpost, as one of the targets in that attack, but said "malicious" activity had also been detected elsewhere in the United States.

"Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises," the company said at the time.

Microsoft's May statement coincided with an advisory released by US, Australian, Canadian, New Zealand and British authorities warning that the hacking was likely occurring globally.

China denied the allegations, describing the Microsoft report as "extremely unprofessional" and "scissors-and-paste work."

"It is clear that this is a collective disinformation campaign of the Five Eyes coalition countries, initiated by the US for its geopolitical purposes," foreign ministry spokeswoman Mao Ning said, referring to the security alliance of the United States and its Western allies that wrote the report.



Samsung Says Trade Turmoil Raises Chip Business Volatilities, May Hit Phone Demand

A man walks past the logo of Samsung Electronics displayed outside the company's Seocho building in Seoul on April 30, 2025. (Photo by Jung Yeon-je / AFP)
A man walks past the logo of Samsung Electronics displayed outside the company's Seocho building in Seoul on April 30, 2025. (Photo by Jung Yeon-je / AFP)
TT
20

Samsung Says Trade Turmoil Raises Chip Business Volatilities, May Hit Phone Demand

A man walks past the logo of Samsung Electronics displayed outside the company's Seocho building in Seoul on April 30, 2025. (Photo by Jung Yeon-je / AFP)
A man walks past the logo of Samsung Electronics displayed outside the company's Seocho building in Seoul on April 30, 2025. (Photo by Jung Yeon-je / AFP)

South Korean technology giant Samsung Electronics warned on Wednesday US tariffs could cut demand for products such as smartphones, making it difficult to predict future performance.
According to Reuters, Samsung said it expected its semiconductor business to encounter greater uncertainties throughout the year, while its smartphone shipments faced downward pressure in the second quarter.
The cautious outlook from one of the world's biggest electronics manufacturers reflects the uncertainties roiling global trade due to US President Donald Trump's tariff war, and comes a day after General Motors pulled its annual forecast.
The world's largest memory chipmaker reported a small rise in first-quarter operating profit as customers concerned about US tariffs rushed to purchase smartphones and commodity chips, mitigating the impact of its underperforming artificial intelligence chip business.
It reported 6.7 trillion won ($4.68 billion) in operating profit for the quarter ended in March, up 1.2% from a year earlier and in line with its earlier estimate.
Samsung shares, one of the worst-performing major tech stocks last year, fell 0.4% in line with the broader market.
Steep US tariffs on Chinese goods and toughening restrictions on AI chip sales to China, Samsung's top market, threaten to dampen demand for some of the electronics components the company produces such as chips and smartphone displays.
Trump's "reciprocal" tariffs, most of which have been suspended until July, threaten to hit dozens of countries including Vietnam and South Korea where Samsung produces smartphones and displays.
Samsung said it was considering relocating the production of TVs and home appliances in response to the tariffs.
Chip demand is expected to remain solid in the second quarter, driven by AI servers and preemptive purchasing activities after the pause in tariffs, Samsung said.
But it warned that the frontloading of chip shipments by some customers may have a negative impact on demand later this year.
“We believe that demand uncertainties are growing in the second half as a result of recent changes in tariff policies in major countries, and strengthening of AI chip export controls,” Kim Jae-june, a Samsung vice president in the memory division, said on an earnings call.
Samsung CFO Park Soon-cheol said however that "we cautiously expect the overall performance to gradually improve as we move into the second half, assuming the easing of current uncertainties".
Some analysts were unconvinced, saying the company did not give detailed guidance for its struggling AI chip business.
"With pull-in demand still ongoing and macro uncertainty lingering, the explanation for the 'first-half low, second-half rebound' outlook was lacking," Ryu Young-ho, a senior analyst at NH Investment & Securities said.
AI CHIPS
Samsung's mobile device and network business reported a 23% rise in profit to 4.3 trillion won during the period, reaching its highest level in four years, helped by the latest version of the flagship Galaxy S model with AI features.
Samsung has accelerated smartphone production in Vietnam, India and South Korea ahead of the US duties, a person familiar with the matter told Reuters earlier.
While mobile performed strongly, the chip division's operating profit slumped 42% to 1.1 trillion won from a year earlier despite chip stockpiling by some customers.
Samsung reported a fall in sales of High Bandwidth Memory (HBM) - used in AI processors - due in part to US export controls on AI chips.
Samsung said it had supplied samples of its enhanced HBM3E products to major customers and expected HBM sales, which have bottomed out in the first quarter, to "gradually" rise from the second quarter, without offering detailed targets.
Analysts estimate that about one third of Samsung's HBM revenue has come from China, and it lags behind cross-town rival SK Hynix in supplying such chips to Nvidia in the United States.
SK Hynix last week logged its second-highest quarterly operating profit in the first quarter with a 158% jump to 7.4 trillion won, boosted by strong AI-related demand.
Revenue rose 10% to 79.1 trillion won in the January-to-March period, in line with its earlier estimate of 79 trillion won.