Cyber Threat Report: 'Review of the Summer 2023 Microsoft Exchange Online Intrusion'
| Report Author | Cyber Safety Review Board |
|---|---|
| Publication Date | 2024-03-20 |
| Original Reporting | Source |
| Attributed to Nation | China |
| Related Intrusion Sets | Zirconium , Violet Typhoon , APT31 , Storm-0558 |
| Victim Sectors | Ministries of Foreign Affairs, National Government |
This report by the US Cyber Safety Review Board presents the findings of an investigation into compromise of Microsoft Exchange Online mailboxes in May and June 2023. According to the report 22 organizations and over 500 individuals were affected, including 'senior United States government representatives working on national security matters'. The report provides information about Storm-0558, the group behind the intrusion, as well as information on how the attack was conducted and how this type of attack could be prevented in the future. The review found that 'this intrusion was preventable and should never have occurred.'
Cyber Threat Graph Context
Explore how this report relates to the wider threat graph