Microsoft will be subjected to uncomfortable scrutiny over its role, after China-based hackers breached US government emails last month.

Bloomberg News reported, citing two people familiar with the matter, that a US cybersecurity advisory panel will investigate risks in cloud computing, including Microsoft’s role in the recent breach of government officials’ email accounts by suspected Chinese hackers.

That triggered US House of Representatives Oversight Committee, which last week announced it is “investigating the recent cyber espionage campaigns which breached the Department of State and the Department of Commerce.”

US government hack

Prior to that Oregon Senator (Democrat) Ron Wyden in July had asked the Federal Trade Commission, the Cybersecurity and Infrastructure Security Agency (CISA) and the US Justice Department to “take action” against Microsoft following the hack.

The issue began in July when Microsoft and the White House confirmed that China-based hackers had compromised the email accounts belonging to a number of US government departments, as well as 25 unnamed organisations.

Microsoft at the time labelled the China-based threat actor Storm-0558, and said the attacks seemed to focused “on espionage, data theft, and credential access.” The intrusion activity began in May and continued for roughly one month.

A number of other US government departments had also been compromised (including the US House of Representatives).

The full extent of the breach, which affected at least two dozen other organisations, is still not clear, but some media outlets reported that hundreds of thousands of emails were stolen.

Indeed, so serious was the attack that US Secretary of State Antony Blinken made clear to China’s top diplomat Wang Yi in a meeting in July that any action that targets the US government, US companies or American citizens “is of deep concern to us, and that we will take appropriate action to hold those responsible accountable.”

It also emerged that emails belonging to some very senior officials in the US government had been compromised by the China-based cyberattack.

Indeed, emails belong to US Commerce Secretary Raimondo, as well senior State Department diplomats, were among those accessed by the hackers.

It is worth remembering that the US Commerce Secretary Raimondo has implemented a series of export control policies against China, curbing the transfer of semiconductors and other sensitive technologies to Beijing.

Microsoft focus

Now according to the Bloomberg report, the Cyber Safety Review Board, which was created by the Biden administration to investigate major cybersecurity events, will focus on risks to cloud computing infrastructure.

It will also examine identity and authentication management, and all relevant cloud service providers, according to a Department of Homeland Security official.

The issue was brought into focus by the breach of Microsoft’s email systems, the official told Bloomberg.

Both people asked not to be named so they could disclose sensitive information.

It comes after Microsoft faced growing questions about how hackers allegedly operating on Beijing’s behalf, obtained one of its cryptographic keys and took advantage of a coding flaw to secure widespread access to the company’s cloud email platform.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

US Probe Of Waymo Uncovers More Incidents – Report

NHTSA says its investigation of Waymo self-driving vehicles has uncovered more incidents that raise concerns

22 hours ago

Fake Accounts Proliferating On X, Study Warns

Ahead of US presidential election, fake accounts supporting Donald Trump are proliferating on Elon Musk's…

23 hours ago

Mike Lynch Defends Himself At HP-Autonomy Trial In US

British founder of Autonomy defends himself in San Francisco federal courthouse against criminal fraud charges

1 day ago

Elon Musk Disagrees With US Tariffs On Chinese EVs

Tesla's Elon Musk confirms opposition to the Biden Administration's implementation of 100 percent tariffs on…

2 days ago

Former Cybersecurity Boss Warns UK Not Heeding China Threat

Ciaran Martin, ex-chief executive of the National Cyber Security Centre, explains growing cyber threat posed…

2 days ago

YouTube Threatens To Block Russian Protest Group’s Anti-War Content

YouTube threatens to pull anti-war content from Russian rights group, after complaint from Putin regime's…

2 days ago