According to Microsoft, hackers in China recently compromised the email accounts of approximately 25 organizations, including multiple government agencies.
At least one of these organizations is a U.S. government entity. Mid-June was when “a Federal Civilian Executive Branch (FCEB) agency,” which was not named, discovered the intrusion for the first time, according to the Cybersecurity and Infrastructure Security Agency, the central federal cybersecurity watchdog.
Microsoft did not identify the affected nations or agencies but stated that the group concentrates primarily on hacking and spying on Western governments. Microsoft stated that it collaborated with the Cybersecurity and Infrastructure Security Agency to expel the hackers, signifying that U.S. organizations are among the victims.
Sen. Mark Warner, D-Virginia, the chairman of the Senate Intelligence Committee, stated that he and other committee members are “closely monitoring what appears to be a significant breach of cybersecurity by Chinese intelligence.”
Warner added, “It is evident that the PRC is steadily enhancing its cyber collection capabilities directed against the United States and our allies.” To counter this menace, close coordination between the U.S. government and the private sector will be essential.
The attacks began on May 15 and remained undetected until June 16, Microsoft reported Tuesday evening. The perpetrators’ access to email accounts has been revoked, as they predominantly targeted them.
Microsoft has not stated whether or not it believes the malware group is affiliated with the Chinese government.
In contrast to their counterparts in Russia and Iran, Chinese hackers focus less on disrupting their targets, but they are among the most prolific cyberspies in the world.
A spokesperson for the Chinese Embassy in Washington, D.C., did not immediately respond to a request for comment sent via email. According to a spokesperson for the Chinese Ministry of Foreign Affairs, any allegations of government involvement are “disinformation.”