The US Senate Intelligence Committee recently revealed that Chinese hackers were behind a massive cyberattack that compromised the email accounts of thousands of US State Department employees, as well as accounts at other government agencies. The hackers exploited a vulnerability in Microsoft’s Exchange Server software, which is widely used by organizations to manage their email communications.

The breach, which occurred in late 2020 and early 2021, was part of a global campaign that affected tens of thousands of victims, including private companies, universities, and non-governmental organizations. The hackers used what is known as a “zero-day exploit”: they exploited a flaw in the software that was unknown to the vendor and the public, and that therefore had no patch or fix available.

The hackers gained access to the State Department’s network by sending unsuspecting employees phishing emails that contained malicious links or attachments, which installed malware on their computers. The malware then allowed the hackers to remotely control the infected machines and access the Exchange Server, where they could read, modify, or delete emails, as well as create new accounts and install backdoors for future access.

According to the Senate Intelligence Committee, the hackers stole about 60,000 emails from the State Department, including some that contained sensitive information about US foreign policy and national security. The committee also said that the hackers targeted other agencies, such as the Department of Homeland Security, the Department of Defense, and the National Institutes of Health, but did not specify the extent of the damage.

The committee blamed the Chinese government for sponsoring the cyberattack, saying that it was consistent with its “long-term pattern of reckless and aggressive behavior in cyberspace”. The committee also criticized the US government for its slow and inadequate response to the breach, saying that it failed to detect, contain, and mitigate the attack in a timely and effective manner.

The committee recommended several measures to improve the US cybersecurity posture, such as:

The committee also urged Microsoft to improve the security and reliability of its products, especially the Exchange Server, which is widely used by the US government and other organizations around the world. The committee said that Microsoft should:

The committee concluded that the Microsoft hack was a “wake-up call” for the US government and the private sector to take the cybersecurity issue more seriously and urgently, and to work together to defend the nation’s interests and values in cyberspace. The committee said that it would continue to monitor and investigate the cyberattack and its implications, and to hold the responsible parties accountable.