CNN
—
China-based hackers breached the email account of US Ambassador to China Nicholas Burns as part of a recent intelligence-gathering campaign, three told CNN US officials familiar with the matter.
Hackers also accessed the email account of Daniel Kritenbrink, the assistant secretary of state for East Asia, who recently traveled with Secretary of State Antony Blinken to China, the people said.
The news, reported for the first time by the Wall Street Journal, adds to the fallout for the United States from the alleged Chinese hack first disclosed last week. Hackers also infiltrated Commerce Secretary Gina Raimondo’s emails, CNN previously reported.
US officials have consistently labeled China as America’s most advanced adversary in cyberspace, a domain that has repeatedly been a source of bilateral tension in recent years. The FBI has said Beijing has a hacking program larger than all other governments combined.
The hackers breached the unclassified US government email system, and US officials generally operate under the assumption that anything on the unclassified network can be hacked. Still, the Biden administration believes the Chinese hacking operation gave Beijing insight into American thinking ahead of Blinken’s high-risk trip to China in June, CNN reported.
Blinken raised the issue of the hacking incident in a meeting with top Chinese diplomat Wang Yi last week, a senior State Department official said.
When Blinken was asked last week about the hack, before it was reported that Burns and Kritenbrink’s emails had been accessed, he did not say how the United States plans to respond.
“I cannot discuss the details of our response. Beyond that, and most critically, this incident remains under investigation,” Blinken told a news conference in Jakarta, Indonesia.
In response to Microsoft’s assessment that China-based hackers were behind the activity, the Chinese foreign ministry accused Washington of conducting its own hacking operations.
The hack began in mid-May, when China-based hackers used a stolen login key to break into email accounts, according to Microsoft.
Hackers had a month’s lead over US government officials. A State Department analyst in mid-June noticed unusual cyber activity on the department’s computer systems and alerted Microsoft to the problem, according to multiple sources.
Senior cyber officials at the State Department and the US Cybersecurity and Infrastructure Agency (CISA) scrambled to figure out the severity of the breach.
“We don’t know exactly what’s going on, but we know there’s a problem,” a US official told CNN, summarizing how the State Department alerted other agencies.
Eric Goldstein, a senior CISA official, told CNN he received calls about the hack while on a weekend getaway outside Washington with his children.
“The critical work that [the State Department does] conduct on behalf of the American people” made it important to understand the seriousness of the hack, Goldstein said.
CISA engineers used a simulation lab to test different theories about how hackers might have gotten into State Department email accounts, he told CNN.
The fact that US officials and Microsoft analysts initially had trouble identifying how the hackers got into the email accounts told US officials they were dealing with a sophisticated hacking team, said the another US official told CNN.