The US House of Representatives says it has begun a probe into the recent allegations that Chinese hackers breached a number of federal government agencies.
The House Oversight Committee announced on Wednesday that it has sent letters to both US Secretary of State Antony Blinken and Secretary of Commerce Gina Raimondo seeking a staff briefing from both regarding details of a possible email breach.
Reps James Comer (R-KY), Nancy Mace (R-SC), and Glenn Grothmann (R-WI) sent the letters following a series of reports in recent days outlining how a group of hackers believed to be tied to a Chinese APT group managed to infiltrate the email systems of dozens of targets both in the private and government sectors.
"According to recent reports, as part of a ‘suspected cyber-espionage campaign to access data in sensitive computer networks’ by China, the breaches reportedly occurred at over two dozen organizations, including some U.S. government agencies," the members of Congress wrote.
"We request a briefing on the discovery of, impact of, and response to the intrusion."
The intrusion, which was believed to be the work of the Chinese Storm-0558 is said by Microsoft to have been the result of since-hardened vulnerabilities in the Azure Active Directory. By exploiting a validation error in the cloud management platform, the hackers were able to steal authentication keys which then allowed them to access email accounts.
This, in turn, allowed the intruders to covertly spy on the communication of what are believed to be more than two dozen organizations. Microsoft, for its part, noted that the attackers appear to have already had an extensive degree of access to, and knowledge of, their targets before ever attempting to breach them via Azure.
It is believed that both Blinken and Raimondo were among those targeted, as were a number of other officials and organizations carrying out operations related to both China and Taiwan.
As a result, the Republican trio wants answers as what was taken and how it might impact foreign relations going forward.
"We are also concerned that these attacks on federal agencies, which include at least the Department of Commerce and the Department of State, reflect a new level of skill and sophistication from China’s hackers," they wrote.
"China appears to be graduating from 'smash and grab heists' that used to be 'noisy' and 'rudimentary' to a level described by security experts as among the most technically sophisticated and stealthy ever discovered."
Both Blinken and Raimondo were asked to provide the briefings no later than August 9.
