Chinese hackers infiltrated US email servers hosted by Microsoft for a period of one month, according to recent reports. Microsoft disclosed that a hacking group known as Storm-0558 had gained access to federal government email servers by forging authentication tokens. The breach was initially detected on June 16, with Microsoft suspecting that the hackers had gained entry around May 15. However, White House National Security Adviser Jake Sullivan downplayed the severity of the breach, stating that it was detected and resolved quickly.
While the US State Department has not officially identified the source of the hack, they acknowledged Microsoft's announcement regarding the Chinese hacking group's involvement. The State Department detected unusual activity and promptly secured their systems, notifying Microsoft of the incident. State Department spokesman Matthew Miller refrained from discussing specific details but stated that cybersecurity policy prevented them from divulging further information.
Microsoft stated that the Storm-0558 group primarily targets government agencies in Western Europe. This time, they gained access to email accounts of approximately 25 organizations, including US government agencies. Microsoft confirmed that the hacking group exploited Outlook Web Access in Exchange Online and Outlook.com, using forged authentication tokens to access user emails. The company has since blocked the use of tokens issued with the compromised key for affected customers.
US officials have been increasingly vocal about the cybersecurity threats posed by Chinese hackers to American businesses and government institutions. The recent breach follows a similar attack last year by another suspected Chinese hacking group known as Hafnium on Microsoft Exchange email servers.
In response to the allegations, Chinese Foreign Ministry spokesman Wang Wenbin accused the US government of overseeing the "world's No.1 hacking group," referring to the National Security Agency. Chinese Embassy spokesperson Liu Pengyu condemned any form of hacking and reiterated claims that the US government was responsible for cyber attacks. Liu called on the US to stop spreading disinformation and address reports of cyber attacks conducted by its cybersecurity institutions against China.
The investigation into the recent breach is ongoing, with authorities working to determine the extent of the damage and the motives behind the attack.
Photo by B_A, Wikimedia Commons.