China-based hackers breached Western European government email accounts, Microsoft says
A China-based hacking group has broken into email accounts linked to government agencies in Western Europe, Microsoft Corp. said this week
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.A China-based hacking group has breached email accounts linked to government agencies in Western Europe, Microsoft Corp. says.
In a blog post published Tuesday, Microsoft said the group, which it identified as Storm-0558, focuses on acts such as espionage and data theft.
The group gained access to email accounts affecting about 25 organizations including government agencies and to accounts of individuals linked to these organizations, and had gone undetected for about a month until customers complained to Microsoft about abnormal mail activity.
“We assess this adversary is focused on espionage, such as gaining access to email systems for intelligence collection,” Charlie Bell, Microsoft's executive vice president of security, said in a separate Microsoft post.
The hackers carried out the breach by forging authentication tokens — a piece of information used to verify the identity of a user — required to access the email accounts. Microsoft has since dealt with the attack and informed affected customers.
Microsoft said it is working with the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency, among others, to guard against such attacks.
It also said it would continue to monitor Storm-0558’s activities.
The Storm-0558 attack is the latest security breach discovered to have been carried out by China-based hackers.
Last month, Google-owned cybersecurity firm Mandiant said suspected state-backed Chinese hackers broke into the networks of hundreds of public and private sector organizations globally by using a security hole in a popular email security tool.
Earlier this year, Microsoft said state-backed Chinese hackers have been targeting U.S. critical infrastructure and could be laying the technical groundwork for the potential disruption of critical communications between the U.S. and Asia during future crises.
China says the U.S. also engages in cyberespionage against it, hacking into computers of its universities and companies.