Hacking Incident: Beijing-Linked Hackers Target US Ambassador to China’s Email
Hackers with links to Beijing successfully breached the email account of US Ambassador to China, Nicholas Burns, in a targeted cyber attack that compromised hundreds of thousands of individual US government emails, according to the Wall Street Journal.
The extent of the breach also included Daniel Kritenbrink, the assistant secretary of State for East Asia, raising significant concerns about the security of sensitive diplomatic communications. Both Burns and Kritenbrink’s email accounts were accessed, highlighting the vulnerabilities in the US government’s unclassified email system.
US authorities have consistently identified China as a highly advanced cyber adversary, with the FBI stating that Beijing has a larger hacking program than all other governments combined. This recent breach further underscores the need for increased cybersecurity measures and vigilance in protecting critical government systems.
The Biden administration is particularly concerned that the hacking operation may have given Beijing insights into US thinking ahead of Secretary of State Antony Blinken’s critical trip to China in June. During a meeting with Chinese diplomat Wang Yi, Blinken addressed the hacking incident, underscoring its seriousness.
The US response to the breach is still undisclosed as the incident remains under investigation. Microsoft, which discovered the breach, reported that China-based hackers misused one of its digital keys and exploited a code flaw to gain unauthorized access to email accounts belonging to US government agencies and other clients.
The hackers began their activities in mid-May, giving them a significant head start before US government responders detected unusual cyber activity in mid-June. Swift action was taken by senior cyber officials at the State Department and the US Cybersecurity and Infrastructure Security Agency (CISA) to assess the situation. However, the sophisticated nature of the hackers’ entry into the email accounts initially made it challenging for US officials and Microsoft analysts to identify the breach’s extent and origin.
Despite the severity of the breach and mounting evidence, the Chinese embassy in Washington has not yet commented on the report, and the Chinese Ministry of Foreign Affairs has previously denied the allegations, dismissing them as “disinformation.” The situation calls for continued diligence in protecting critical systems and diplomatic communications.