Federal Agency Identified Chinese Cyberattack Against Microsoft
A federal civilian agency alerted the Cybersecurity and Infrastructure Security Agency about a recent Chinese cyberattack against Microsoft email accounts, federal officials told reporters Wednesday in a conference call. Microsoft reported Tuesday that Chinese attackers gained access to some 25…
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
organizations including government agencies and individual consumer accounts. The attack started May 15, and Microsoft was alerted to the activity June 16. The hackers gained access “by using forged authentication tokens to access user email using an acquired Microsoft account (MSA) consumer signing key,” Microsoft said. Those tokens have since been blocked. CISA and the FBI issued a joint advisory on the attack Wednesday. The federal agency, which officials declined to identify, noticed unexpected activity on its Microsoft 365 network, a senior CISA official told reporters. The attackers accessed a “limited amount” of Microsoft Outlook data, the official said. The intrusion shouldn’t be compared to the SolarWinds supply chain attack, an FBI official said, calling it a much “narrower” attack. Officials declined to state an exact number of victims in the Microsoft attack. The Senate Intelligence Community is “closely monitoring” the breach, Chairman Mark Warner, D-Va., said Wednesday. “It’s clear [China] is steadily improving its cyber collection capabilities directed against the U.S. and our allies,” said Warner. “Close coordination between the U.S. government and the private sector will be critical to countering this threat.”