
Published 16:12 IST, July 12th 2023

Chinese hackers breached government mail, says Microsoft

Microsoft said that it had successfully blocked the threat actor Storm-0558 from accessing customer emails using forged authentication tokens.

Reported by: Mannu Mathew

Tech giant Microsoft claimed that hackers in China targeted government agencies in Western Europe and focused on data theft, espionage and credential access. The information was disclosed in a Microsoft blog post on Tuesday. The blog stated that the company mitigated an attack by a China-based threat actor, 'Storm-0558', that targeted customer emails. A threat actor is a malicious actor that intends to harm cyberspace, which includes computers, devices, systems or networks.


Chinese hackers intent on collecting intelligence on the United States gained access to government email accounts, Microsoft disclosed on Tuesday night, the New York Times reported.


What did Microsoft reveal?

Storm-0558, as tracked by Microsoft, primarily targets government agencies in Western Europe, with a focus on data theft and credential access. Microsoft says its investigation began based on a customer report last month. The company started investigating anomalous mail activity and, within weeks, found that Storm-0558 had started accessing email accounts in May and had affected approximately 25 organisations, including government agencies and associated customer accounts.

These activities were conducted using forged authentication tokens to access email, with the help of an acquired Microsoft account consumer signing key. Microsoft claims that it has completed mitigation of the attacks and thereby reduced the impact they could have on customers.


Microsoft said that it had successfully blocked the threat actor Storm-0558 from accessing customer emails using forged authentication tokens. Further, it contacted all targeted organisations and provided all the important information to help them investigate and respond.

"We assess that this adversary is focused on espionage, such as gaining access to email systems for intelligence collection. This type of espionage-motivated adversary seeks to abuse credentials and gain access to data residing in sensitive systems," said Charlie Bell - Executive Vice President, Microsoft Security.


Meanwhile, the company is also partnering with US agencies, the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency, to protect affected customers and address the issues, and it continues to monitor Storm-0558 activity.
