A cyber security official at the US State Department had noticed something unusual. An internal IT security system, nicknamed “Big Yellow Taxi”, had flagged unusual activity on its corporate Microsoft account.
The tech team quickly raised its concerns to Microsoft, hopeful that the alert was just a false positive.
What rapidly emerged, however, was that a Chinese government hacking group – codenamed Storm-0558 – had compromised the emails of hundreds of US government officials.
