Chinese intelligence hacked U.S government emails in ‘significant’ breach
Chinese intelligence hacked U.S government emails in ‘significant’ breach
The group attacked over two dozen government agencies in Western Europe and the U.S., and compromised associated personal accounts of employees.
The group attacked over two dozen government agencies in Western Europe and the U.S., and compromised associated personal accounts of employees.
I like how they make it seem like China has really leveled up their cybersecurity skillset to be able to hack into these systems. I'd bet money most of the access comes from phishing credentials from humans.
unless everyone is blatantly lying, it doesn't seem like it:
“This was a very advanced technique used by the threat actor against a limited number of high value targets. Each time the technique was used, it increased the chances of the threat actor getting caught,” said Google Cloud’s Mandiant senior vice president and chief technical officer Charles Carmakal. “Kudos to Microsoft for leaning in, figuring this out, remediating, collaborating with partners and being transparent.”
“Last month, U.S. government safeguards identified an intrusion in Microsoft’s cloud security, which affected unclassified systems. Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service,” National Security Council spokesperson Adam Hodge said in a statement to The Wall Street Journal. “We continue to hold the procurement providers of the U.S. government to a high security threshold.”>
Just because it's a technique doesn't mean it isn't social engineering.
This either happens a lot or it happened a few weeks ago? I guess the official US statement is the news? Is it that the US is doing the same and so can't react too strongly or can they not prove it was the Chinese government? Seems kind of like it should be a bigger deal. Not long before nation-state cyberattacks are going to count similarly to actual nation-state physical attacks.
So at what point do we consider cyberattacks to be acts of war and actually fucking do something more than hand-wringing
What are your expectations here? Bombing Shanghai and toppling the world economy in retaliation for stealing unclassified emails?
I'm sure it was made freely available...no hacking necessary when you've bought some politicians.