Chinese hackers breach US nuclear agency via Microsoft
Microsoft has admitted that Chinese hackers exploited a vulnerability in its software to breach hundreds of government agencies, including the US nuclear agency, as well as governments in Europe and the Middle East. Microsoft blamed a vulnerability in its SharePoint document-sharing software, saying its servers were hacked by China-based actors. The investigation is ongoing. The company said that hackers began exploiting the vulnerability on July 7.
Dutch cybersecurity firm Eye Security said 400 organizations and agencies were affected by the breach, while Bloomberg reported on Wednesday that the victims included the US agency responsible for overseeing nuclear weapons, as well as national governments in Europe and the Middle East.
According to the Washington Post, the National Institutes of Health and several other government agencies, energy companies, and universities were also breached. Microsoft explained in a statement that the hackers uploaded malicious scripts that enabled them to "steal essential cryptographic material."
The Independent reported that Microsoft linked the attack to two main groups: Linen Typhoon and Violet Typhoon. It also warned that another Chinese group, Storm-2603, had targeted its systems. In a message to its customers, the company said it had released comprehensive new security updates to address the incident and urged customers to install these updates for protection.
"This is a critical vulnerability with far-reaching implications," Carlos Perez, director of security intelligence at TrustedSec, who has previously trained cybersecurity teams for the US military, told The Independent. "It allows for unauthenticated remote code execution on SharePoint servers, which are a critical part of enterprise infrastructure."
He continued, "What makes the vulnerability even more dangerous is that it exposes cryptographic secrets, allowing attackers to turn any authenticated SharePoint request into a remote execution of instructions. This is a dangerous capability if it falls into the hands of malicious actors."