A bipartisan group of 14 senators is asking the State Department for more information on the recent China-based cyberattack that exposed vital cloud servers and sensitive electronic communications of senior officials at the agency.
In a July 26 letter to Kelly Fletcher, chief information officer at State Department, the senators asked for more information on the Storm-0558’s cyberespionage campaign that was reported earlier this year.
The letter was signed by Sens. Eric Schmitt, R- Mo., Tim Kaine, D-Va., Bill Hagerty, R-Tenn., Ben Cardin, D-Md., Mike Braun, R-Ind., Josh Hawley, R-Mo., Cynthia Lummis, R-Wyo., J.D. Vance, R-Ohio., Katie Britt, R-Ala., Rick Scott, R-Fla., Mark Kelly, D- Ariz., John Barrasso, R-Wyo., Tim Scott, R-S.C., and Pete Ricketts, R- Neb.
“The PRC [People’s Republic of China] is singularly focused on using its advanced hacking program to acquire sensitive information, especially from the United States. Using a blend of state and non-state actors, China has sought to gain access to information systems across the U.S. Federal government,” the senators wrote.
The senators want answers to the following questions:
- Which State Department officials were compromised during the cyber-espionage campaign led by the Storm-0558 program;
- After notifying the proper authorities of the cloud-based security attack, when was the security patch provided to mitigate ongoing and future attacks;
- What steps is the department taking to mitigate future sophisticated attacks? Does the department anticipate needing additional tools to support this effort; and
- How will this recent cyber-intrusion shape the State Department’s potential $10 billion Evolve IT initiative?
The whereabouts of this cyberattack were initially brought to light by a Microsoft cybersecurity team. The team pinpointed the attacks as being of Chinese origin and found that they exposed cloud servers that the State Department was utilizing.
The malicious actors conducted the attacks by exploiting forged authentication tokens to expose user emails by acquiring their Microsoft account consumer signing key.
“Cyber-espionage originating from China has increased significantly and will better mitigate against attacks. It is crucial those in the executive, Federal, and legislative branches are confident the only people reading their emails are the intended recipients – not our adversaries,” stated the senators.
The senators want a response to their letter by Sept 6.