US nuclear agency hit CyberTack through a Microsoft SharePoint vulnerability
newYou can listen to Fox’s news articles!
A cyber attack that was compromised by the National Nuclear Security Agency (NNSA) through Microsoft’s SharePoint Documentation Software has been compromised. Energy Division It was confirmed on Wednesday by Fox News Digital.
The agency does not know of any confidential or classified information that has been stolen at this time.
“On Friday, July 18th, Microsoft SharePoint Zero Day vulnerabilities exploitation began to affect the Department of Energy, including the NNSA,” the Department of Energy (DOE) told Fox News Digital, referring to the agency responsible for maintaining and designing the country’s nuclear weapons reserves.
Sign outside the Microsoft campus in Redmond, Washington, USA on Thursday, March 3, 2022. (Chona Cousin/Bloomberg via Gettty Images)
Microsoft warned that Chinese state-sponsored actors are exploiting flaws in SharePoint software from agencies around the world. Eye safety based in the Netherlands I said Reuters The violation now claims 400 casualties.
Linen Typhoon and Violet Typhoon are two groups backed by CCP involved in the hack, and used the flaws in document sharing software that exists for customers running on their own networks rather than Microsoft’s cloud software.
But Doe said it was mostly cloud-based, so it was just “a very few systems affected.”
“All affected systems have been restored.”
Microsoft’s SharePoint was hacked by a Chinese national actor, the company said. (Getty)
Another China-based hacking group, Storm-2603, also exploited the vulnerability, according to Microsoft.
Asked about the hack on Wednesday, China’s Foreign Ministry spokesman Guo Zi-Kun said that he was unaware of the details, but “China will oppose and fight activities according to the law, and at the same time oppose smears and attacks against China in excuses for cybersecurity issues.”
Charles Carmakal, technology chief for Google-owned Mandiant Cybersecurity Consulting Group, confirmed Monday in a LinkedIn post that at least one of the organizations involved in the hack is a “China-Nexus threat actor.”
“China will oppose and fight against hacking activities according to the law, and at the same time, it will oppose smears and attacks against China based on excuses for cybersecurity issues,” a spokesperson for the Chinese Ministry of Foreign Affairs said in response to the allegations. (Adek Berry/AFP via Getty Images)
On Sunday, the US Department of Cybersecurity and Infrastructure Security said it was “aware of aggressive exploitation” of SharePoint vulnerabilities.
Click here to get the Fox News app
Microsoft CEO Satya Nadella vowed to make cybersecurity a top priority last year after a government report criticized U.S. government officials’ handling of China’s violations of emails.
Last week, the company vowed to stop using China-based engineers and use the company’s cloud services to provide technical support to clients within the Department of Defense. It came after the Propublica report revealed the practice and said that DOD could be exposed to Chinese hackers.