State, Commerce Department emails hit by China-linked hackers

Chinese government-linked hackers attempted to breach email accounts at the State Department and Commerce Department earlier this year, according to revelations from Microsoft.

Both agencies confirmed in separate statements that they had been affected by the attack, which was discovered hours before Secretary of State Antony Blinken’s trip to Beijing last month.

“The Department of State detected anomalous activity, took immediate steps to secure our systems, and will continue to closely monitor and quickly respond to any further activity,” a State Department spokesperson told The Post.

“As a matter of cybersecurity policy, we do not discuss details of our response and the incident remains under investigation. The Department of State has a robust cyber security program to protect our systems and information and works continuously to build resilience,” the spokesperson added.


Secretary of State Antony Blinken
It is not immediately clear if Secretary of State Antony Blinken was privy to the cyber infiltration prior to his trip to China last month.
AP

The Commerce Department said Microsoft had notified it of a compromise to the tech giant’s Office 365 system and “took immediate action to respond.”

“We are monitoring our systems and will respond promptly should any further activity be detected,” the statement added. “The Department maintains strong cyber security protections, which we update to address a rapidly evolving cyber security landscape.”

Microsoft detailed the attack in a blog post that described the culprit as a “China-based actor.” The company claimed the hackers gained access to email accounts across roughly 25 organizations, which it did not identify.


Microsoft corporate building
Microsoft identified the perpetrator as a ‘China-based actor’ but the State Department was reticent to namedrop Beijing publicly.
AP

State Department spokesperson Matt Miller said Wednesday that the agency’s cybersecurity team first uncovered the attempted infiltration and alerted Microsoft.

Miller emphasized that an investigation is still ongoing.

Microsoft revealed it learned of the cyber intrusion on June 16, 2023, and that its investigation showed the attack commenced on May 15, 2023. The software firm noted that it had “completed mitigation of this attack for all customers.”


Microsoft sign
Microsoft did not immediately specify that the State Department was affected by the hack, but the department later confirmed it.
AP

Blinken departed for China on the evening of the hack discovery for his two-day summit in Beijing that began on June 17.

Officials believe the attack was targeted at specific accounts rather than a broad cache of data, per the report, The New York Times reported. It is not immediately clear if the cyber intruders managed to snatch any sensitive information.

Miller didn’t specify whether Blinken was aware of the breach before he departed for his trip.

The secretary of state’s visit was postponed from its original date in February in response to a Chinese spy balloon floating across US airspace and near sensitive military sites from Jan. 28 to Feb. 4.


The State Department in Washington DC
The State Department claims its cybersecurity team was the first to spot the cyber attack.
Anadolu Agency

Antony Blinken
Secretary of State Antony Blinken led the charge to patch up relations with China amid an array of grievances between the two sides.
REUTERS

Blinken’s trip marked the first time a sitting US Secretary of State had set foot in Beijing in five years and came amid heightened tensions between the two global superpowers.

The State Department has been targeted by cyber deviants in the past. Back in 2014 and 2015, Russia hackers penetrated it and carried out similar attacks against the White House, Joint Chiefs of Staff, and more.