Microsoft: Chinese Hackers Breached US Govt Email Accounts

FILE PHOTO: Microsoft logo is seen on a smartphone placed on displayed Activision Blizzard logo in this illustration taken January 18, 2022. REUTERS/Dado Ruvic/Illustration/File Photo

China-based hackers seeking intelligence information breached the email accounts of a number of US government agencies, computer giant Microsoft said.

"The threat actor Microsoft links to this incident is an adversary based in China that Microsoft calls Storm-0558," the company said in a blog post late Tuesday.

Microsoft said Storm-0558 gained access to email accounts at approximately 25 organizations, including government agencies, AFP reported.

Microsoft did not identify the targets but a US State Department spokesperson said the department had "detected anomalous activity" and had taken "immediate steps to secure our systems."

"As a matter of cybersecurity policy, we do not discuss details of our response and the incident remains under investigation," the spokesperson said.

According to The Washington Post, the breached email accounts were unclassified and "Pentagon, intelligence community and military email accounts did not appear to be affected."

But the paper reported Wednesday evening, quoting US officials, that State Department email accounts and the account of Commerce Secretary Gina Raimondo were hacked. Raimondo's agency has angered China by imposing tough export controls on Chinese technologies.

CNN, citing sources familiar with the investigation, said the Chinese hackers targeted a small number of federal agencies and the email accounts of specific officials at each agency.

In the blog post, Charlie Bell, a Microsoft executive vice president, said "we assess this adversary is focused on espionage, such as gaining access to email systems for intelligence collection.

"This type of espionage-motivated adversary seeks to abuse credentials and gain access to data residing in sensitive systems," Bell said.

US National Security Adviser Jake Sullivan addressed the hack in an appearance on Wednesday on ABC's Good Morning America, and said it had been detected "fairly rapidly."

"We were able to prevent further breaches," Sullivan said.

"The matter is still being investigated, so I have to leave it there because we're gathering further information in consultation with Microsoft and we will continue to apprise the public as we learn more," Sullivan said.

Espionage and data theft

Microsoft said Storm-0558 "primarily targets government agencies in Western Europe and focuses on espionage, data theft, and credential access."

The Redmond, Washington-based company said it had launched an investigation into "anomalous mail activity" on June 16.

"Over the next few weeks, our investigation revealed that beginning on May 15, 2023, Storm-0558 gained access to email accounts affecting approximately 25 organizations including government agencies as well as related consumer accounts.

"They did this by using forged authentication tokens to access user email using an acquired Microsoft account consumer signing key," the company said. "Microsoft has completed mitigation of this attack for all customers."

US Senator Mark Warner, chairman of the Senate Select Committee on Intelligence, said the panel is "closely monitoring what appears to be a significant cybersecurity breach by Chinese intelligence."

"It's clear that the PRC is steadily improving its cyber collection capabilities directed against the US and our allies," Warner said in a statement.

Disclosure of the Chinese hacking comes on the heels of trips to China by US Secretary of State Antony Blinken and Treasury Secretary Janet Yellen and the shooting down by the United States of a Chinese surveillance balloon.

In May, Microsoft said state-sponsored Chinese hackers called "Volt Typhoon" had infiltrated critical US infrastructure networks.

Microsoft highlighted Guam, a US territory in the Pacific Ocean with a vital military outpost, as one of the targets in that attack, but said "malicious" activity had also been detected elsewhere in the United States.

"Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises," the company said at the time.

Microsoft's May statement coincided with an advisory released by US, Australian, Canadian, New Zealand and British authorities warning that the hacking was likely occurring globally.

China denied the allegations, describing the Microsoft report as "extremely unprofessional" and "scissors-and-paste work."

"It is clear that this is a collective disinformation campaign of the Five Eyes coalition countries, initiated by the US for its geopolitical purposes," foreign ministry spokeswoman Mao Ning said, referring to the security alliance of the United States and its Western allies that wrote the report.



TikTok Goes Dark for US Users, Company Pins Hope on Trump

A person holds an iPhone with a message on their TikTok app in Avondale Estates, Georgia, USA, 18 January 2025. (EPA)

TikTok stopped working in the United States late on Saturday and disappeared from Apple and Google app stores ahead of a law that takes effect Sunday requiring the shutdown of the app used by 170 million Americans.

President-elect Donald Trump said earlier in the day he would "most likely" give TikTok a 90-day reprieve from the ban after he takes office on Monday, a promise TikTok cited in a notice posted to users on the app.

TikTok, which is owned by China's ByteDance, told users attempting to use the app around 10:45 p.m. ET (0345 GMT): "A law banning TikTok has been enacted in the US. Unfortunately, that means you can't use TikTok for now. We are fortunate that President Trump has indicated that he will work with us on a solution to reinstate TikTok once he takes office. Please stay tuned."

Other apps owned by ByteDance, including video editing app Capcut and lifestyle social app Lemon8, were also offline and unavailable in US app stores as of late Saturday.

"The 90-day extension is something that will be most likely done, because it's appropriate," Trump told NBC. "If I decide to do that, I'll probably announce it on Monday."

It was not clear if any US users could still access the app, but it was no longer working for many users and people seeking to access it through a web application were met with the same message that TikTok was no longer working.

TikTok, which has captivated nearly half of all Americans, powered small businesses and shaped online culture, warned on Friday it would go dark in the US on Sunday unless President Joe Biden's administration provides assurances to companies such as Apple and Google that they will not face enforcement actions when a ban takes effect.

Under a law passed last year and upheld on Friday by a unanimous Supreme Court, the platform has until Sunday to cut ties with its China-based parent or shut down its US operation to resolve concerns it poses a threat to national security.

The White House reiterated on Saturday that it was up to the incoming administration to take action.

"We see no reason for TikTok or other companies to take actions in the next few days before the Trump administration takes office on Monday," press secretary Karine Jean-Pierre said in a statement.

TikTok did not respond to a request for comment on the new White House statement.

The Chinese embassy in Washington on Friday accused the US of using unfair state power to suppress TikTok. "China will take all necessary measures to resolutely safeguard its legitimate rights and interests," a spokesperson said.

USERS MOVE TO ALTERNATIVES

Uncertainty over the app's future had sent users - mostly younger people - scrambling to alternatives including China-based RedNote. Rivals Meta and Snap had also seen their share prices rise this month ahead of the ban, as investors bet on an influx of users and advertising dollars.

"This is my new home now," wrote one user in a RedNote post, tagged with the words "tiktokrefugee" and "sad".

Minutes after TikTok's US shutdown, other users took to X, formerly called Twitter.

"I didn’t really think that they would cut off TikTok. Now I’m sad and I miss the friends I made there. Hoping it all comes back in just a few days," wrote @RavenclawJedi.

NordVPN, a popular virtual private network, or VPN, allowing users to access the internet from servers around the world, said it was "experiencing temporary technical difficulties".

Web searches for "VPN" spiked in the minutes after US users lost access to TikTok, according to Google Trends.

Users on Instagram fretted about whether they would still receive merchandise they had bought on TikTok Shop, the video platform's e-commerce arm.

Marketing firms reliant on TikTok have rushed to prepare contingency plans this week in what one executive described as a "hair on fire" moment after months of conventional wisdom saying that a solution would materialize to keep the app running.

There have been signs TikTok could make a comeback under Trump, who has said he wants to pursue a "political resolution" of the issue and last month urged the Supreme Court to pause implementation of the ban.

TikTok CEO Shou Zi Chew plans to attend the US presidential inauguration and attend a rally with Trump on Sunday, a source told Reuters.

Suitors including former Los Angeles Dodgers owner Frank McCourt have expressed interest in the fast-growing business that analysts estimate could be worth as much as $50 billion. Media reports say Beijing has also held talks about selling TikTok's US operations to billionaire and Trump ally Elon Musk, though the company has denied that.

US search engine startup Perplexity AI submitted a bid on Saturday to ByteDance for Perplexity to merge with TikTok US, a source familiar with the company's plans told Reuters. Perplexity would merge with TikTok US and create a new entity by combining the merged company with other partners, the person added.

Privately held ByteDance is about 60% owned by institutional investors such as BlackRock and General Atlantic, while its founders and employees own 20% each. It has more than 7,000 employees in the US.