China-based hackers breach State Department email accounts

Hackers in China recently broke into the email accounts of about 25 organizations, including several government agencies, Microsoft said.
The State Department confirmed it was one of the victims, a spokesperson said Wednesday, and first alerted Microsoft and US government cybersecurity officials to the hacking campaign.
The Cybersecurity and Infrastructure Security Agency, the federal cybersecurity watchdog, announced Wednesday that it only learned of the breach in mid-June.
Microsoft has not named any of the affected countries or agencies, but said the group is primarily focused on hacking Western governments to spy on them. Microsoft said it was working with CISA to kick out the hackers, indicating that US organizations were among the victims.
Sen. Mark Warner, D-Va., chairman of the Senate Intelligence Committee, said he and other committee members are “closely monitoring what appears to be a significant cybersecurity breach by Chinese intelligence.”[ads1];
“It is clear that China is constantly improving its cyber collection capabilities targeting the United States and our allies,” Warner added, using an acronym for the People’s Republic of China. “Close coordination between the U.S. government and the private sector will be critical to countering this threat.”
In a press conference Wednesday, a senior CISA official, who asked not to be named as a condition of participating in the conversation, declined to say exactly how many other US federal agencies were affected, but said the number “is in the single digits.”
The hacks began on May 15 and went undetected until June 16, Microsoft announced in a report Tuesday night. The perpetrators were primarily focused on gaining access to email accounts and no longer have that access, it said.
The hackers were able to see the victims’ emails, and appeared to target only a handful of specific people, the official said.
“This appears to have been a very targeted, surgical campaign,” he said. Only unclassified mailboxes were affected, he said.
Microsoft did not say whether it believed the hacker group is affiliated with China’s government.
Unlike those working for Russia or Iran, hackers working for China rarely focus on disrupting their targets, but they are generally regarded as some of the most prolific cyber spies in the world.
A spokesperson for the Chinese Embassy in Washington, DC, did not immediately respond to an email seeking comment. A Chinese Foreign Ministry spokesman told The Associated Press that any accusation of government involvement was “disinformation.”