Urgent: Accounts of important ministries were hacked, and Microsoft reveals the reason
Microsoft has disclosed the cause of the unauthorized access to the accounts of American officials.
In a recent blog post, the company said that the intrusion into the accounts of American government officials by Chinese hackers was a direct consequence of unauthorized access to the account of one of its own engineers.
According to the blog post, published by Microsoft on Wednesday, the engineer's account was compromised by a hacking group referred to as Storm-0558. According to US officials, this group was responsible for the theft of emails from the US Departments of State and Commerce.
Methods for Unauthorised Access to User Accounts.
The post explained how the hackers extracted an encryption key from the engineer's account and then used it to gain unauthorized access to email accounts that were beyond the intended scope of the key's permissions.
According to Microsoft, the vulnerability that allowed the key to be taken from the unnamed engineer's account, and so enabled the hackers to obtain emails, has been resolved.
Microsoft had previously disclosed a cyber intrusion by a Chinese group known as Storm-0558 that affected the email systems of numerous government institutions in the United States.
In a recent blog post, Microsoft attributed the threat to China, based on its observations of the hacking group's intricate tactics. According to reports, Storm-0558 penetrated the email networks of approximately 25 organizations, including notable government bodies. Microsoft, however, withheld the identities of the victims.
Without disclosing specific targets, a spokeswoman for the US State Department acknowledged "anomalous activity" within its networks and said the department had promptly strengthened its digital defenses to safeguard the integrity of these systems. As is customary in the field of cybersecurity, specific information regarding the response and the ongoing investigation has been kept classified.