US ambassador to China hacked in China-linked spying operation
The hack of the US ambassador to China’s email account is believed to have compromised hundreds of thousands of government documents.
Hackers linked to Beijing accessed the email account of the US ambassador to China, Nicholas Burns, in an attack that is believed to have compromised at least hundreds of thousands of individual US government emails, according to people familiar with the matter.
Daniel Kritenbrink, the assistant secretary of state for East Asia, was also hacked in the cyber-espionage attack, the people said. The two diplomats are believed to be the two senior-most officials at the State Department targeted in the alleged spying campaign disclosed last week, one of the people said.
The contours of the campaign aren’t fully known. Though limited to unclassified emails, the inboxes of Burns and Kritenbrink could have allowed the hackers to glean insights into US planning for a recent string of visits to China by senior Biden administration officials, as well as internal conversations about US policies toward its rival amid a period of delicate diplomacy that has been challenged repeatedly in recent months.
Burns and Kritenbrink are the second and third senior Biden administration officials to be
identified in news reports as having their emails hacked. US Secretary Gina Raimondo’s email was also compromised in the breach, US officials have said.
It appeared that Secretary of State Antony Blinken’s email account wasn’t directly infiltrated in the hack, nor were those in his circle of top advisers, one of the people familiar with the matter said. Instead, the hackers appeared to focus on a small number of senior officials responsible for managing the US-China relationship.
The estimate of individual emails accessed is rough and could also grow, the people said.
“For security reasons, we will not be sharing additional information on the nature and scope of this cybersecurity incident at this time,” a State Department spokesman said. “The department continuously monitors and responds to activity of concern on our networks. Our investigation is ongoing, and we cannot provide further details at this time.”
The White House National Security Council declined to comment. Kritenbrink accompanied Blinken on his trip to China a month ago, and Kritenbrink, Burns and Blinken all attended meetings with senior Chinese officials and with Chinese leader Xi Jinping. Before the high-level talks in Beijing, Kritenbrink led a trip of less senior officials to lay the groundwork.
The State Department has led the Biden administration’s effort to boost communications with China and notch progress in select areas including climate change and synthetic opioid trade. Deep-seated disagreements over Taiwan, spying and other issues have led to a deterioration in relations, with broad US political concerns about China preventing any reversal of the trend, officials say.
The recent hack was pulled off by leveraging a flaw in Microsoft’s cloud-computing environment and has since been fixed, according to the company, which said more than two dozen organisations globally were affected. Fewer than 10 organisations were compromised in the US and each of those appeared to have a small number of individual email accounts directly accessed by the hackers, a senior American cybersecurity official said last week. It isn’t known whether any federal agencies beyond the State and Commerce departments were targeted.
Microsoft hasn’t publicly disclosed how the breach began and has said it is continuing to investigate the incident.
US officials have described the attack as surgical in nature – something that targeted a small number of specifically chosen high-value victims – and have sought to play down its overall impact, likening it to routine digital espionage that is constantly going on between adversarial nations.
But security experts and former intelligence officials have said the attack appeared to be unusually stealthy and impressive, and noted its timing during an uptick in diplomatic outreach between the US and China following months of plummeting relations over the Ukraine war, the American discovery and shooting down of what it said was a Chinese surveillance balloon, and revelations of increased Chinese intelligence co-operation with Cuba.
The US hasn’t formally blamed China for the hack, but senior Biden administration officials said they have no reason to doubt Microsoft’s assessment linking it to a Chinese hacking group. China has denied the allegations and accused the US of engaging in rampant cyber-enabled espionage around the world.
Cybersecurity specialists at the State Department were the first to detect the espionage campaign. Microsoft said the hack began in May but wasn’t unearthed until mid-June, a date that closely aligned with the timing of Antony Blinken’s travel to China, the first US secretary of state to visit Beijing in five years.
– William Mauldin contributed to this article
The Wall Street Journal
More Coverage
Trump’s vision for Gaza revives idea once reviled in Israel
Resurgent ultranationalist movement latches on to US president’s proposal to relocate Palestinians.
Inside the Salvadoran mega-prison offering to take America’s worst criminals
Lockup currently houses thousands of members of gangs that terrorised the Central American country for decades.