“The threat actor Microsoft links to this incident is a China-based adversary Microsoft calls Storm-0558.said the company, which launched an investigation into the “abnormal mail activity” on June 16.
According to the American consortium, Storm-0558 gained access to email accounts of approximately 25 organizations, including government agencies. Microsoft pointed out that Storm-0558 “primarily targets Western European government agencies and is focused on espionage, data theft, and credential access.”
In the post, Charlie Bell, Microsoft’s executive vice president, said that “we assess that this adversary is focused on espionage, such as gaining access to email systems for intelligence gathering.”
“This type of espionage-motivated adversary seeks to abuse credentials and gain access to data located on sensitive systems,” Bell said.
“Significant breach” of cybersecurity by China
Microsoft maintained that what was determined so far in the investigation “revealed that as of May 15, 2023, Storm-0558 gained access to email accounts that affected approximately 25 organizations, including government agencies and related consumer accounts.
US National Security Adviser Jake Sullivan referred to the hack in an appearance on ABC’s Good Morning America, noting that it had been detected “quite quickly.”
US Senator Mark Warner, chairman of the Senate Select Committee on Intelligence, said the panel is “closely monitoring what appears to be a significant breach of cybersecurity by Chinese intelligence.”
Keep reading:
• US government agencies are the victim of a new cyberattack; They assure that it had a “small” scope
• The Lazarus heist: the theft of $14 million dollars that hackers carried out in two hours in ATMs around the world
• The US seizes half a million dollars that were stolen by alleged North Korean hackers