The House Oversight and Accountability Committee is investigating a complex China-linked hack of the federal government in which cyberattackers accessed the email data of Biden administration officials.
The committee’s lawmakers requested a briefing from the leaders of the Commerce and State departments, saying they fear the digital breaches show that China has new cyber skills.
“China appears to be graduating from ’smash and grab heists’ that used to be ’noisy’ and ’rudimentary’ to a level described by security experts as ’among the most technically sophisticated and stealthy ever discovered,’” the lawmakers wrote. “The incident even raises the possibility that Chinese hackers may be able to access high-level computer networks and remain undetected for months if not years.”
The letter on Wednesday to Commerce Secretary Gina Raimondo said her email was hacked, though Ms. Raimondo has declined to comment on it, citing an ongoing federal investigation. She told CNBC last month she would not confirm reports of her email being hacked but said the “very significant, very complex” hack had disrupted the Commerce Department.
The Commerce Department’s role in imposing economic restrictions on foreign businesses makes it an espionage target. The department oversees a blacklist of foreign entities and people that obstructs their work in the U.S. because of national security concerns.
Ms. Raimondo is preparing to visit China and has not let the cyberattack on her department stop her from working with the country’s communist government. She intends to visit Beijing later this month, according to Bloomberg News.
She said last month that her upcoming travel does not mean she is excusing the hacking. Ms. Raimondo said she wants to tamp down tensions between the two countries.
Microsoft’s cybersecurity services are also in the crosshairs of lawmakers scrutinizing the hack. The company has acknowledged that about 25 organizations were breached in the China-based hackers’ attack on its customers’ emails.
Sen. Ron Wyden, Oregon Democrat, is pushing the Biden administration to investigate Microsoft because of the hack. He recently urged the Justice Department, Federal Trade Commission, and Cybersecurity and Infrastructure Security Agency to launch an inquiry into Microsoft.
“Holding Microsoft responsible for its negligence will require a whole-of-government effort,” Mr. Wyden said in a letter to federal officials.
China may not be America’s only adversary leveraging Microsoft products to intrude in sensitive U.S. government networks.
The Microsoft Threat Intelligence team said it found Russian cyberattackers using the company’s conferencing platform to attack espionage targets, including government accounts. Microsoft’s disclosure of the Russian-linked hack did not identify the affected government accounts.
As federal officials and Microsoft respond to the breaches, Congress is eager for answers. House Oversight lawmakers requested a briefing from federal officials on the hacking by Aug. 9.
In response to questions about Mr. Wyden’s requested investigation, Microsoft previously said it was working with government agencies and would share information on its blog.
• Ryan Lovelace can be reached at rlovelace@washingtontimes.com.
Please read our comment policy before commenting.