Chinese hackers breach State Department, other U.S. government emails
 |
| Chinese hackers breach State Department, other U.S. government emails |
MICROSOFT THING A GROUP OF CHINESE HACKERS HAS GAINED ACCESS TO SOME OF ITS CUSTOMERS EMAIL ACCOUNTS >> HACKERS EXPLOITED THE COMPANY'S CLOUD EMAIL SERVICE TO BRIEF DEFENSES OF MULTIPLE ACCOUNTS. >> NICHOLS GANG THAT JOINS US NOW FROM OUR DC BUREAU. WHAT DO WE KNOW ABOUT WHO OR WHAT ENTITY CARRIED OUT THIS ATTACK? >> Reporter: WE KNOW IT WAS CARRIED OUT BY A STATE- SPONSORED GROUP OF HACKERS, THIS ONE HAS THE NICKNAME STORM 0558.
THE HACKING PENETRATED ABOUT 25 ORGANIZATIONS, AND MICROSOFT SAYS THAT WHILE THE BREACHES HAVE BEEN MITIGATED, THE INVESTIGATION REMAINS ONGOING, SAYING IT WAS FOR THE FBI. NOW, YESTERDAY, SR. GOVERNMENT OFFICIALS FROM THE FBI AND THE NATION'S TOP CYBER AGENCY TOLD CBS NEWS NO CLASSIFIED INFORMATION WAS TAKEN.
AND, THERE IS NO EVIDENCE HACKERS INFILTRATED NETWORKS BEYOND A SMALL NUMBER OF MICROSOFT OUTLOOK INBOXES. U.S. OFFICIALS WERE QUICK TO POINT OUT THIS IS NOT SOLAR WIND 2.0, NOT A SUPPLY-CHAIN ATTACK AND BEYOND THAT, SOMETIMES IN THE CYBER WORLD, WE CAN SEE CRIMINALS USE A VULNERABILITY TO ACCESS AS MANY DIFFERENT NETWORKS AS THEY CAN.
THESE ARE NOISY CAMPAIGNS, THEY ARE KNOWN AS A SPRAY AND PRAY HACKS, THEY ARE COMMON IN FINANCIALLY MOTIVATED SCHEMES BUT THAT IS ALSO NOT THE CASE HERE. IS A NARROW TARGETED ESPIONAGE CAMPAIGN THAT WORKED QUIETLY TO INFILTRATE SPECIFIC TARGETS, INCLUDING U.S. GOVERNMENT AGENCIES, TO THAT WE KNOW OF, AND IT SPEAKS TO THE SOPHISTICATION OF THE ACTORS BEHIND IT.
 |
| Chinese hackers breach State Department, other U.S. government emails |
TELL US, WHO DID THIS HACK ACTUALLY TARGET? WHAT KIND OF DAMAGE DID IT DO?
THE STATE DEPARTMENT WAS GROUND ZERO OF THESE ATTACKS ACCORDING TO GOVERNMENT OFFICIALS. THAT AGENCY FIRST DISCOVERED THE INTRUSION, AND ALERTED A MICROSOFT. BUT, IN ADDITION TO THE STATE DEPARTMENT, A SMALL NUMBER OF EMAIL ACCOUNTS AT THE DEPARTMENT OF COMMERCE WERE ALSO HACKED, INCLUDING THAT OF SECRETARY GINA RAIMONDO.
IT REMANS UNCLEAR IF THE CABINET SECRETARY REGULARLY USES THAT ACCOUNT, BUT AS I SAID A TOTAL OF ABOUT 25 ORGANIZATIONS WORLDWIDE WERE HACKED AND FBI OFFICIALS SAY THE NUMBER OF U.S.-BASED ORGANIZATIONS REMAIN IN THE SINGLE DIGITS. THESE ARE OBVIOUSLY, TENSIONS HAVE RISEN OVER THAT CHINESE A SURVEILLANCE BALLOON WHICH PASSED OVER THE UNITED STATES, EARLIER THIS YEAR.
BEIJING'S CLOSE RELATIONSHIP TO MOSCOW, DURING THE WAR IN UKRAINE, NOT TO MENTION CHINA'S CONTINUED THREATS TO TAIWAN, AND WHEN IT COMES TO THE COMMERCE DEPARTMENT, YOU KNOW, WE KNOW THAT EXPERT CONTROLS ON CHINESE TECHNOLOGIES HAVE BEEN MET WITH SOME FRUSTRATION, BY CHINESE COUNTERPARTS. >> NICKEL, WE KNOW THAT SECRETARY BLINKEN IS MEETING WITH A TOP CHINESE OFFICIAL IN INDONESIA TODAY.
WE WONDER IF THIS TOPIC WILL COME UP. WHAT ARE YOUR THOUGHTS ON THAT? CAN YOU SHED SOME LIGHT ON THE TIMELINE OF THIS ATTACK? >> ON THE TIMELINE, THE HACKERS HAD ACCESS TO EMAIL ACCOUNTS FOR ABOUT A MONTH BEFORE THE ISSUE WAS DISCOVERED BY THE STATE DEPARTMENT. U.S. OFFICIALS SAY NOT ALL THE VICTIMS HAD BEEN BREACHED FOR A FULL MONTH BEFORE THE DISCOVERY WAS MADE.
FOR SOME, IT WAS DAYS. NOTABLE TIMING, THE INTRUSION WAS FIRST DISCOVERED IN MID JUNE, THAT IS AROUND THE FIRST TIME SECRETARY OF STATE ANTONY BLINKEN MADE HIS TRIP TO BEIJING. TODAY, BLINKEN MET WITH CHINA'S TOP DIPLOMAT IN INDONESIA, THIS RANKS AMONG THE MANY LIKELY TOPICS OF DISCUSSION FOR THE TWO DIPLOMATS.
