US officials said on Wednesday that Chinese hackers attempted to break into certain State Department email accounts in the weeks before Secretary of State Anthony J. Blinken to Beijing in June.
US officials said the investigation into the efforts of Chinese hackers, who are likely linked to China’s military or spy services, is continuing. But US officials have played down the idea that the hackers stole sensitive information, insisting no confidential email or cloud systems were hacked. The State Department’s cybersecurity team discovered this intrusion for the first time.
Several officials said the attack targeted individual email accounts, not large-scale data theft, which Chinese hackers are suspected of doing before. Biden administration officials declined to identify the officials targeted by the Chinese hackers.
Microsoft, which disclosed the hack on Tuesday, said the hack began in May, according to their investigation, and was discovered on June 16, before Mr. Blinken’s trip to Beijing. He left Washington that evening. The trip was crucial for both Washington and Beijing: It was the first visit by a US female secretary of state to China in five years and was intended to establish high-level channels of communication and improve flagging relations. Since then, Treasury Secretary Janet L. Yellen has visited Beijing, and John Kerry, the special climate envoy, plans to land there Sunday for four days of talks.
President Biden and China’s leader Xi Jinping agreed at a meeting in Bali, Indonesia, last November to try Relationship stability, but the two countries clashed when the Pentagon discovered and shot down a Chinese spy balloon that was floating over the continental United States in early February. Mr. Blinken canceled a trip to China during that episode, then publicly accused China a few weeks later of considering sending military aid to Russia for use in Ukraine.
A senior State Department official who spoke on condition of anonymity to discuss the sensitive incident said the hack did not initially appear to be directly related to the flight. Other officials cautioned that the investigation into what, if any, material the hackers stole was still in its infancy.
In a statement on Wednesday, the State Department said that after “unusual activity” was detected, the government took steps to secure the systems and “will continue to closely monitor and respond quickly to any additional activity.”
After the State Department reported the hack to Microsoft, the company found that the hackers also targeted about 25 organizations, including government agencies. Microsoft, which described the attack as hackers going after specific accounts rather than a widespread intrusion, didn’t say how many accounts it believes may have been hacked by Chinese hackers.
The United States and China are locked in an intense intelligence competition, with both governments trying to expand their pool on the other. U.S. officials said that although such espionage and hacking would be expected, they are conducting an aggressive investigation to shut down both the Chinese hackers’ exploit against the State Department as well as other potential security vulnerabilities in cloud computing.
The State Department is a frequent target of foreign government hacking. Russian intelligence has repeatedly targeted State Department computer networks. In 2014 and 2015, Russian hackers breached the State Department, the Joint Chiefs of Staff, the White House, and other important, but unclassified, computer networks.