Connect with us

Hi, what are you looking for?

Editor's Pick

Chinese spies who read State Dept. email also hacked GOP congressman

The suspected Chinese hackers who forged Microsoft customer identities to read the emails of State Department employees also obtained the personal and political emails of Rep. Don Bacon, a moderate Republican from Nebraska on the House Armed Services Committee.

Bacon tweeted Monday that he had been notified by the FBI that his emails were hacked by Chinese spies who took advantage of a Microsoft mistake for a month between mid-May and mid-June, which lines up with when investigators said the other breaches occurred.

Bacon said that he would “work overtime” to make sure that Taiwan receives all of the billions of dollars in U.S. weaponry that it has ordered.

“I’m a big proponent for Taiwan,” Bacon told The Washington Post by text message. “I suspect they’d like info to embarrass me or to undercut me politically. As I told FBI, I have nothing to be embarrassed about.”

Government and private sources told The Post a month ago that victims of the hacking campaign included Commerce Secretary Gina Raimondo, unnamed State Department employees, a human rights advocate and think tanks.

They also said that a congressional staffer had been targeted.

Bacon told The Post he was notified of the hacking only Monday, which suggests that new victims are still being discovered. The FBI did not respond to requests for comment. Neither did Microsoft.

Officials have described the spying as traditional espionage of the sort expected by all sides. It was about observation on issues of special concern, such as the U.S. response to escalating tensions between the autonomous island of Taiwan and China, which claims it.

But the breach has alarmed experts for another reason: It was unclear how the government could have prevented it while relying exclusively on Microsoft for cloud, email and authentication services.

Microsoft has said that the hackers obtained powerful signing keys they needed to create verified customer identities that could sidestep multifactor authentication. Combined with other Microsoft failings, millions of people could have been exposed to attack.

Officials have said that only a couple dozen entities were impersonated before the State Department found suspicious behavior in its activity logs. Microsoft was then able to search its own logs for the master key that the hackers had obtained and block future access.

Multiple members of Congress have demanded that federal agencies explain how they plan to combat similar attacks in the future and that Microsoft make logs more widely available, which it agreed to do.

Sen. Ron Wyden (D-Ore.) has gone further, asking the Justice Department and Federal Trade Commission to investigate whether Microsoft’s security practices were so poor as to be in violation of laws or its 20-year-old FTC consent decree requiring better security after the breach of what was then its single sign-on tool for authentication, Passport.

Wyden also urged the Department of Homeland Security to have its two-year-old Cyber Safety Review Board examine the Microsoft cloud breach. Last week, the board said it would take up the task.

The Department of Homeland Security referred questions to the FBI.

Leigh Ann Caldwell and David DiMolfetta contributed to this report.

This post appeared first on The Washington Post







    Become a VIP member by signing up for our newsletter. Enjoy exclusive content, early access to sales, and special offers just for you! As a VIP, you'll receive personalized updates, loyalty rewards, and invitations to private events. Elevate your experience and join our exclusive community today!



    By opting in you agree to receive emails from us and our affiliates. Your information is secure and your privacy is protected.

    You May Also Like

    Stock

    Union members at Ford, Stellantis and General Motors have ratified a new 4½-year contract, locking in at 11% pay increases secured after a six-week...

    Investing

    ASX-listed Antilles Gold (ASX:AAU, OTCQB:ANTMF) is an Australian mining company focused on gold and copper projects in Cuba through joint ventures with the Cuban...

    Editor's Pick

    California Gov. Gavin Newsom announced Sunday that he was appointing Emily’s List President Laphonza Butler as the replacement to former senator Dianne Feinstein (D-Calif.),...

    Editor's Pick

    JERUSALEM — Iran launched a massive attack of more than 300 missiles and drones toward Israel late Saturday, a stunning assault that put the...

    Disclaimer: investmentintellecthub.com, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.


    Copyright © 2024 InvestmentIntellectHub.com