Chinese hackers were able to exploit a flaw in Microsoft’s cloud email service, the company has revealed. The hackers were able to gain clandestine access to about 25 organisations through their email systems. The compromised organisations include government agencies as well, the report says.
Storm-0558
Microsoft, which calls the China-based hackers as ‘Storm-0558’, says the group is focused on espionage. “We have been working with the impacted customers and notifying them prior to going public with further details. At this stage — and in coordination with customers — we are sharing the details of the incident and threat actor to benefit the industry,” senior Microsoft official Charlie Bell said in a blog post.
“Our investigation revealed that beginning on May 15, 2023, Storm-0558 gained access to email data from approximately 25 organizations, and a small number of related consumer accounts of individuals likely associated with these organizations,” the blog post added, according to IANS.
“We added substantial automated detections for known indicators of compromise associated with this attack to harden defenses and customer environments, and we have found no evidence of further access … We’ve also been partnering with relevant government agencies like the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA). We are thankful they and others are working with us to help protect affected customers and address the issue,” Microsoft said.
Earlier Incident
Earlier in May, Microsoft said it caught Chinese government hackers stealing data from critical infrastructure organizations. This Chinese cyberespionage campaign was pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises,” Microsoft said.
According to Microsoft, since 2021, Chinese hackers have been targeting several industries including communications, manufacturing, utility, transportation, construction, maritime, government and information technology. There have always been concerns that Chinese hackers will target and take down US military networks in case Beijing carries out an invasion of Taiwan. The US has been particularly focusing on the Chinese cyber threat and has led to serious diplomatic spats between the super powers.