Chinese hackers breached the email of Commerce Secretary Gina Raimondo and State Department officials in the weeks before State Secretary Antony Blinken visited Beijing in June, New York Times reported citing United States officials.
The investigation is underway, but the United States officials, on July 12, downplayed the idea that the Chinese hackers, who are likely to be part of the military or spy services, have stolen the sensitive information, insisting that no classified email or cloud systems were penetrated. The State Department’s cybersecurity team first discovered the intrusion.
Raimondo, who has been one of the most outspoken critics of Beijing in the administration, was among the targets, according to two United States officials. Recently, she tightened export controls on China, threatening to cut off the country’s supply of United States semiconductor technology if it provides the chips to Russia. Raimondo is also expected to visit China by the end of the summer, reported New York Times.
It is unclear if Raimondo was the intended target of the breach, but the commerce secretary has been part of the Biden administration’s efforts to place sanctions on Chinese companies amid rising tensions between the two countries. The commerce department oversees the United States Government’s “Entity List,” which is a list of foreign individuals, companies, and Governments which are restricted from importing United States technology without a proper license. Currently, the list features more than 600 Chinese entities, Forbes reported.
Based on their preliminary investigation, officials believe she was the only cabinet-level official to be successfully hacked. The hackers were not able to acquire emails in Blinken’s Microsoft 365 account, even as they got access to other State Department email boxes, officials said.
Multiple officials said the attack was aimed at individual email accounts rather than a large-scale exfiltration of data, which Chinese hackers are suspected of having done before.
US President Joe Biden’s administration officials declined to give a full accounting of which the hackers had targeted officials.
Earlier, on July 11, Microsoft revealed that the Chinese hackers, with the intention to collect intelligence on the United States, have gained access to Government email accounts. The attack was targeted, according to a person briefed on the intrusion into the government networks, with the hackers going after specific accounts rather than carrying out a broad-brush intrusion that would suck up enormous amounts of data.
It is pertinent to mention that the State Department discovered the intrusion on June 16 and informed Microsoft that day, just ahead of Blinken’s trip to Beijing, a United States official said. He departed from Washington that evening.
After Blinken, Treasury Secretary Janet L Yellen also visited Beijing. President Biden and Xi Jinping, Chinese Premier, agreed in a meeting in Bali, Indonesia, last November to try to stabilize relations, but tensions between the two nations ramped up when the Pentagon discovered and shot down a Chinese spy balloon that was floating over the continental United States in early February.
After the discovery of the spy balloon hovering in United States skies, Blinken’s visit to China in February was cancelled. In a statement on July 12, the State Department said that after detecting “anomalous activity,” the Government took steps to secure the systems and “will continue to closely monitor and quickly respond to any further activity.”
After the State Department reported the hack to Microsoft, the company found that the hackers had also targeted some 25 organisations, including Government agencies, according to New York Times.
The Commerce Department was notified about the breach by Microsoft, and it took “immediate action to respond,” a spokesperson told the press without providing exact details.
