Chinese hackers stole Microsoft engineer’s signing key to breach US officials’ emails

Chinese hackers have obtained a consumer signing key, which was then used to breach U.S. officials’ emails earlier this year. The key was accessed through a Microsoft engineer’s account, exposing vulnerabilities in the system and raising concerns about cybersecurity.

Following an investigation into the breach, it was discovered that a consumer signing system crash in April 2021 led to a snapshot of the crash process, known as a crash dump. Unfortunately, this crash dump incorrectly contained the consumer signing key, allowing hackers to exploit the situation.

As part of the standard debugging process, the crash dump and signing key were unintentionally transferred from Microsoft’s “isolated” production network to its internet-connected corporate network. This oversight provided an opportunity for the Chinese hackers, who are identified as Storm-0558, to gain access to the debugging environment.

Using the stolen key, the hackers were able to forge authentication tokens, ultimately granting them unauthorized access to the targeted emails belonging to 25 organizations in the public cloud, including U.S. federal agencies. Although the breach was part of an intelligence-gathering effort, no classified information was compromised.

Microsoft first disclosed the breach in July after a customer report prompted an investigation. National security advisor Jake Sullivan confirmed that the U.S. government was the first to discover the breach in mid-June. The incident primarily affected the State and Commerce departments, with Commerce Secretary Gina Raimondo being among those impacted.

In response to the breach, Republican lawmakers on the House Oversight and Accountability Committee have launched an investigation. They have requested briefings from Raimondo and Secretary of State Antony Blinken to understand the full extent and ramifications of the breach within their respective departments.

Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Reference

Denial of responsibility! Vigour Times is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
Denial of responsibility! Vigour Times is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
DMCA compliant image

Leave a Comment