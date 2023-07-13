The US State Department announced this Wednesday that it was the target of a cyberattack, less than a month after a group of Russian hackers infiltrated various government agencies.

According to American media such as The Washington Post or CNN, the current attack would have been committed by a group of Chinese cyberspiesaffecting the emails of officials of the Departments of State and Commerce.

In a statement to CNN, government spokesman Adam Hodge explained that last month “a Microsoft cloud security intrusion was detected, affecting unclassified systems”, and that government officials immediately contacted the company to notify them.

Among the officials affected would be the Secretary of Commerce herself, Gina Raimondo, according to The Washington Post. The newspaper also explains that the risks have already been mitigated, although the case continues to be investigated by the FBI.

On tuesday night, Microsoft confirmed that it had mitigated an attack by “a China-based risk actor.”

According to Microsoft, China-based hackers seeking intelligence breached email accounts from various US government agencies.

“The threat actor Microsoft links to this incident is a China-based adversary Microsoft calls Storm-0558,” the company said in a blog post, announcing the start of an investigation into “threat activity.” anomalous mail” on June 16.

According to the American technology, Storm-0558 gained access to email accounts of approximately 25 organizations, including government agencies.

This type of espionage-motivated adversary seeks to abuse credentials and gain access to localized data.

In the Microsoft corporate blog post, Charlie Bell, the company’s executive vice president, said they estimate that “This adversary focuses on espionage, such as gaining access to email systems for the collection of intelligence data.

“This type of espionage-motivated adversary seeks to abuse credentials and gain access to data located on sensitive systems,” the executive said.

The agency in charge of US diplomacy confirmed this Wednesday that it detected “abnormal activity” in its systems, against which “immediate measures” were taken, a spokesman said in a statement.

“We will continue to closely monitor and respond quickly to any further activity in the future,” the spokesperson added, noting that the incident is under investigation.

The cyberattack comes less than a month after, on June 15, a Russian group of “hackers” managed to infiltrate various US Government agencies.

Behind the cyberattack was the “CL0P” group, also known as “TA505”, but at the time there were no indications that the “hackers” were acting in coordination with the Government of Vladimir Putin, according to an official at the time.

The biggest cyberattack on the US government in recent years, however, took place in 2019, when some 18,000 government agencies fell victim to a massive hack, also by Russian agents, through the use of SolarWinds software.

The disclosure of this hacker attack comes after Secretaries of State Antony Blinken and Treasury Secretary Janet Yellen traveled to China and the shooting down of a surveillance balloon linked to the Asian giant by the United States.

INTERNATIONAL WRITING

*With AFP and EFE