Hackers associated with Beijing managed to breach the email accounts of Nicholas Burns, the US ambassador to China, and Daniel Kritenbrink, the assistant secretary of state for East Asia, as reported by multiple sources. Burns and Kritenbrink are considered to be the most senior officials from the State Department who were targeted in this cyber attack.
“For security reasons, we will not be sharing additional information on the nature and scope of this cybersecurity incident at this time. The Department continuously monitors and responds to activity of concern on our networks. Our investigation is ongoing, and we cannot provide further details at this time,” a State Department spokesperson stated.
Significantly, Kritenbrink joined Secretary of State Antony Blinken during his recent diplomatic trip to Beijing.
On Thursday, the exact details of the information acquired by the cyber attackers remained somewhat unclear. There were no public reports suggesting that Secretary of State Antony Blinken’s account was compromised.
In addition to the State Department, the cyber breach also affected Secretary of Commerce Gina Raimondo’s email account, as reported by multiple sources.
Both the State Department and Commerce Department acknowledged last week that their email systems had been breached in this cyber campaign.
The specifics of the attack were disclosed by Microsoft in a blog post, where the responsible party was described as a “China-based actor.”
The software company accused the hackers of gaining unauthorized access to email accounts in around 25 organizations but refrained from naming them.
According to Microsoft, they became aware of the hack on June 16, 2023, and further investigation revealed that the attack started on May 15, 2023. The company stated that they had successfully mitigated the attack for all their customers.
While the State Department took credit for notifying Microsoft about the breach, they did not immediately confirm whether the perpetrators were based in China.
Furthermore, the State Department did not disclose whether any classified information had been compromised during the breach.
In a separate statement, the Commerce Department mentioned that Microsoft informed them of the cyber intrusion, and they promptly took action to respond to the situation.
According to Microsoft’s schedule, the email breach might have been detected only a few hours before Blinken left for China to attend a two-day summit in Beijing on June 17.
When asked, State Department spokesperson Matt Miller refused to confirm whether Blinken had knowledge of the hack before he set out on his trip.
The trip had been initially planned for February but got postponed due to the presence of a Chinese spy balloon flying over US airspace from January 28 to February 4, which sparked controversy.
