China successfully accessed US ambassador Nicholas Burns’s emails in ‘sophisticated’ hacking attack

In a latest series of cyberattack, thousands of US government emails believed to be compromised

Alisha Rahaman Sarkar
Friday 21 July 2023 10:11 BST
US Ambassador to China, Nicholas Burns listens to a speaker during a roundtable meeting with members of the American business community in Beijing
US Ambassador to China, Nicholas Burns listens to a speaker during a roundtable meeting with members of the American business community in Beijing (EPA)

Support truly
independent journalism

Our mission is to deliver unbiased, fact-based reporting that holds power to account and exposes the truth.

Whether $5 or $50, every contribution counts.

Support us to deliver journalism without an agenda.

Louise Thomas

Louise Thomas


China-based hackers reportedly accessed US ambassador Nicholas Burns's email account in a sophisticated espionage operation that is believed to have compromised thousands of American government emails.

The hackers were also able to access the email account of Daniel Kritenbrink, the assistant secretary of state for East Asia, the Wall Street Journal reported, citing people familiar with the matter.

The Joe Biden administration last week admitted the email account of the commerce secretary Gina Raimondo had also been compromised. However, the State Department has refused to share additional information, citing "security reasons".

The alleged Chinese hackers have since May secretly accessed email accounts at around 25 organisations, including US government agencies, Microsoft and US officials have said.

Mr Kritenbrink was previously asked at a congressional hearing on US-China policy whether he could rule out that his or his staff's emails were targeted in the hack.

He then said he couldn't comment on "an investigation that's underway being conducted by the FBI" but "will not rule it out".

The Chinese government has repeatedly denied any form of state-sponsored hacking, alleging that Beijing itself was a frequent target of cyberattacks.

"China firmly opposes and combats cyber attacks and cyber theft in all forms. This position is consistent and clear," Liu Pengyu, spokesperson for China's embassy in Washington, told Reuters.

"Identifying the source of cyber attacks is a complex technical issue. We hope that relevant sides will adopt a professional and responsible attitude ... rather than make groundless speculations and allegations."

Microsoft claimed that Chinese hackers, which it identified as Storm-0558, misappropriated one of its digital keys and used a flaw in its code to steal emails of US government officials and other clients.

The company in a statement on Thursday said it was taking the criticism on board.

The White House last week said an intrusion in Microsoft's cloud security "affected unclassified systems," without elaborating. "Officials immediately contacted Microsoft to find the source and vulnerability in their cloud service," National Security Council spokesperson Adam Hodge said.

The hacking row was reportedly raised by secretary of state Antony Blinken during a meeting with top Chinese diplomat Wang Yi last week.

“I can’t discuss details of our response. Beyond that, and most critically, this incident remains under investigation,” Mr Blinken said at a news conference in Jakarta.

Last month, Google-owned cybersecurity firm Mandiant said suspected state-backed Chinese hackers broke into the networks of hundreds of public and private sector organizations globally by using a security hole in a popular email security tool.

The attack exploited a vulnerability in a Barracuda Networks email system and targeted foreign ministries in Southeast Asia, other government agencies, trade offices and academic organizations in Taiwan and Hong Kong, according to Mandiant.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in