Secretary of State Antony Blinken on Friday downplayed the month-long theft of hundreds of thousands of State Department and Commerce Department emails by China-based hackers.
Speaking at the Aspen Security Forum, he said the compromised email accounts, which included those of US Ambassador to China Nicholas Burns, were not classified and the department’s classified system had not been breached. She also accessed the unclassified email account of the Secretary of Commerce, Gina Raimondo.
«I can’t speak to the direct impact of any particular incident,» Blinken said in a discussion with NBC News’ Andrea Mitchell. «I can say that the incident in question only affected our unclassified system.»
Cybersecurity experts have warned that a successful hack of an unclassified network can still reveal sensitive information.
“No one should underestimate the damage that even unclassified email can cause,” said Glenn Gerstell, former general counsel at the National Security Agency. «You can get a lot even if the underlying substance remains secret in the classified network.»
He said the sophistication of the attack was demonstrated by the hackers’ ability to breach the State Department’s email system, stay in it for a month, and target specific email accounts of senior officials. He added that it likely involved months of preparation.
“This is not a lucky teenager,” Gerstell said. «This is a very sophisticated nation state.»
Blinken said he had raised the hacking issue with Chinese officials.
«I had, you know, opportunities to speak directly with my Chinese counterparts about how deeply concerned we would be about anything that targets the US government, US companies, US citizens,» he said. «We will take appropriate action, if necessary, in response.»
Blinken also downplayed the failure of Biden administration climate envoy John Kerry to secure a deal with China.
Last week, officials confirmed that China-based hackers broke into the email accounts of the State and Commerce departments, but did not say how many people were affected. The Federal Agency for Infrastructure Security and Cybersecurity said it learned of the hacking campaign in mid-June and that the campaign lasted for around a month.