US Ambassador to Beijing hacked in China-linked spying operation

Beijing-linked hackers hacked the email account of U.S. Ambassador to China Nicholas Burns as part of an espionage operation, the Wall Street Journal (WSJ) reported. This breach is believed to have compromised a significant number of individual U.S. government emails, possibly reaching hundreds of thousands.

In addition to Ambassador Nicholas Burns, Daniel Kritenbrink, the assistant secretary of state for East Asia, was also hacked by the wider spying operation, which was previously disclosed by Microsoft. The report cited individuals familiar with the matter as the source of this information.

The State Department was questioned about the reported breach of the two diplomats’ accounts, but it declined to provide any specific details, stating that the investigation into the spying operation was still ongoing.

Before the WSJ report appeared, Kritenbrink was asked at a congressional hearing on U.S. China policy whether he could rule out that his or his staff’s emails were targeted in the Microsoft hack.

“I can’t comment on an investigation that’s underway being conducted by the FBI, but no, I will not rule it out,” Kritenbrink said.

Burns and Kritenbrink join U.S. Commerce Secretary Gina Raimondo as the only publicly named victims of the espionage campaign, which prompted a warning by Washington’s top diplomat to his Chinese counterpart.

“China firmly opposes and combats cyber attacks and cyber theft in all forms. This position is consistent and clear,” Liu Pengyu, spokesperson for China’s embassy in Washington, said in an emailed response to Reuters.

“Identifying the source of cyber attacks is a complex technical issue. We hope that relevant sides will adopt a professional and responsible attitude … rather than make groundless speculations and allegations.”

Microsoft said last week that Chinese hackers misappropriated one of its digital keys and used a flaw in its code to steal emails from U.S. government agencies and other clients.

The company did not immediately return a message seeking comment on the WSJ report.

The breach has thrown Microsoft’s security practices under scrutiny, with officials and lawmakers calling on the Redmond, Washington-based company to make its top level of digital auditing, also called logging, available to all its customers free of charge.

Microsoft said in a statement late on Thursday that it was taking the criticism on board.

Last week, White House National Security Council spokesperson Adam Hodge said an intrusion in Microsoft’s cloud security “affected unclassified systems,” without elaborating.

“Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service,” Hodge added.

The State Department “detected anomalous activity” and “took immediate steps to secure our systems,” a department spokesperson said in a statement at the time.

Reporting by Shubhendu Deshmukh in Bengaluru and Raphael Satter, Simon Lewis, David Brunnstrom and Chris Sanders, in Washington; Additional reporting by Laurie Chen in Beijing.

With inputs from Reuters.