As part of a suspected cyber-espionage effort, hackers thought to be connected to China have compromised the email systems at over two dozen businesses, including several U.S. government institutions, by taking advantage of flaws in Microsoft software.
According to The Wall Street Journal, the hackers, known as “Storm-0558,” gained access to private computer networks by taking advantage of a security flaw in Microsoft’s cloud computing infrastructure. Officials and security researchers are particularly concerned about this revelation since it is thought to be a component of a wider spying operation that may have jeopardized sensitive U.S. government data.
“U.S. government security measures discovered a breach in Microsoft’s cloud security last month, which had an impact on unclassified systems.” According to Adam Hodge, spokesperson for the White House National Security Council, “officials notified Microsoft right after to identify the issue and vulnerability associated with their cloud service. We continue to hold the federal government’s procurement suppliers to a high-security level,” he continued.
The exact scope and seriousness of the event, as well as the specific institutions and people impacted, are still unknown. The episode has highlighted rising worries among senior Western intel officials concerning Chinese hackers’ capacity to plan sneaky strikes that can go undetected for years.
China, on the other hand, has repeatedly denied hacking American institutions and charged the US and its allies with focusing on Chinese networks. Requests for comment about the event were not answered by the Chinese embassy in Washington.
Microsoft has acknowledged that the hackers exploited a security flaw in its cloud computing system. In a statement, Microsoft revealed that “the hackers broke into the email accounts at approximately twenty-five organizations and struck consumer accounts which were probably linked to these entities.” Since then, the business has reduced the security flaw and is assisting the affected clients.
“Prior to disclosing further information to the public,” Microsoft said “it has been working with the affected users and alerting them.”
In June, Breitbart News reported on another significant breach carried out by the Chinese:
“The latest Chinese cyberattack Mandiant discovered once again took use of email application security holes to infect an undetermined amount of computer systems. The email program in this instance is known as Barracuda Email Security Gateway (ESG).”
“On May 23, Barracuda disclosed that it had found a zero-day vulnerability or a hole in software security that had not yet been noticed by security experts but had been exploited by hackers. By structuring filenames in a way that fooled the ESG system into implementing them without appropriate authentication, attackers were able to obtain unauthorized access to some areas of the email system and install malicious code.”
“The weakness was promptly fixed by Barracuda, but the company issued a warning that hackers may have been abusing it for up to seven months prior to its discovery. Barracuda released an urgent update on June 11 advising users to replace vulnerable ESG devices right away, regardless of the installed patches or even software version level. This is a sobering testament to the seriousness of the flaw and how ruthlessly hackers had already exploited it before security experts were made aware of it.”