Microsoft Announces Chinese Hackers Carried Out Espionage Activities on American Organizations
Microsoft announced this week that Chinese hackers had carried out espionage activities on American organizations. The leaked information was said to include email messages from Trade Secretary Gina Raimondo, who plays a crucial role in China’s export restrictions on computer chips.
Microsoft had its sights on the hacker group, which it named Storm-0558, in mid-June. The tech giant indicated that about 25 organizations had been compromised. The hackers had gained access to the email accounts by using fake authentication tokens created with a Microsoft account (MSA) consumer signing key, or MSA key for short. Microsoft has since taken steps to prevent a recurrence.
Western Europe Also Affected
The espionage activities had mainly focused on America, but Bloomberg reports that Western European authorities had also been affected by the leak. According to the outlet's US sources, the attack as a whole involved a small group of targets. CISA and the FBI have recommended that organizations strengthen the security of their Microsoft 365 cloud environments.
In Europe, it is not yet entirely clear who has been attacked. Italian security experts are said to be in contact with Microsoft to identify potential targets in that country.
Rhetoric Back and Forth
China has responded to the development with a sneer at America. According to foreign affairs spokesman Wang Wenbin, America is the world’s biggest espionage and cyber threat. This is recurring rhetoric in the so-called “Chip War”, as Bloomberg often calls it.
MSA Keys
The email hack involved counterfeiting the tokens needed to log into an account. According to security expert Sami Laiho, the MSA key that is required for this is not easy to obtain. He suggests to Bloomberg that Microsoft itself may have been compromised. Microsoft has not commented on this, and it is likely that it would only have to report such an incident to US authorities.
Another Bloomberg source believes that this is an important source of tension between the US and Microsoft. The lack of free logging within Microsoft products would hamper further investigation. Microsoft does store logs itself and can look for evidence there for a customer, but the source speaks of a “recipe for inadequate visibility into what has happened within a network.”