Emails Of US Envoy To China, Senior State Department Official Accessed In Chinese Cyber Attack: Report

Chinese hackers reportedly exploited a flaw in Microsoft’s cloud computing environment and accessed emails of several US government officials, including top officials like US envoy to China Nicholas Burns and Assistant Secretary of State for East Asia Daniel Kritenbrink.

Cyber Security

The emails of the US envoy to China and another senior Department of State official were accessed in a Chinese cyber attack, according to a report. 

The envoy, Nicholas Burns, is among many US officials whose emails were accused in the Chinese cyber attacks. He is joined in the list by Assistant Secretary of State for East Asia Daniel Kritenbrink among the reported targets of the attack. 

While Burns and Kritenbrink are among the targets, the report says the emails of Secretary of State Antony Blinker and his closest advisers were not breached. 

The Wall Street Journal reported that Burns and Kritenbrink are among the "hundreds of thousands" of email account-holders that were compromised in the attack. Another senior official from the Joe Biden administration targeted in the attack is Commerce Secretary Gina Raimondo. 

"When the attack was first disclosed last week, the administration admitted the email account of the commerce secretary, Gina Raimondo, had also been compromised. US officials were quoted as saying those were the three most senior targets but that in total, hundreds of thousands of government email accounts could have been breached," reported Guardian, citing the WSJ.

The report further said that the breach occurred because of a flaw in the Microsoft's cloud services, which was exploited by the hackers. 

The report said, "US intelligence officials are reported to have been taken by surprise by the stealth and sophistication of the cyber-attack, which exploited a flaw in Microsoft’s cloud computing environment which has since been fixed, the company said."

The UPI reported that the breach was reported on June 16 and went undetected for around a month until then. 

"Technical staff at the State Department discovered the breach on June 16 and notified Microsoft engineers, but a preliminary investigation has since determined the trail of anomalous activity went back as far as May 15," reported UPI.

The Guardian reported that Microsoft identified the perpetrators as the Chinese group Storm-0558, which it called “well-resourced” and “focused on espionage”