Communications Daily is a Warren News publication.

Federal Agency Identified Chinese Cyberattack Against Microsoft

A federal civilian agency alerted the Cybersecurity and Infrastructure Security Agency about a recent Chinese cyberattack against Microsoft email accounts, federal officials told reporters Wednesday in a conference call. Microsoft reported Tuesday that Chinese attackers gained access to some 25…

Sign up for a free preview to unlock the rest of this article

Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!

organizations including government agencies and individual consumer accounts. The attack started May 15, and Microsoft was alerted to the activity June 16. The hackers gained access “by using forged authentication tokens to access user email using an acquired Microsoft account (MSA) consumer signing key,” Microsoft said. Those tokens have since been blocked. CISA and the FBI issued a joint advisory on the attack Wednesday. The federal agency, which officials declined to identify, noticed unexpected activity on its Microsoft 365 network, a senior CISA official told reporters. The attackers accessed a “limited amount” of Microsoft Outlook data, the official said. The intrusion shouldn’t be compared to the SolarWinds supply chain attack, an FBI official said, calling it a much “narrower” attack. Officials declined to state an exact number of victims in the Microsoft attack. The Senate Intelligence Community is “closely monitoring” the breach, Chairman Mark Warner, D-Va., said Wednesday. “It’s clear [China] is steadily improving its cyber collection capabilities directed against the U.S. and our allies,” said Warner. “Close coordination between the U.S. government and the private sector will be critical to countering this threat.”