UPDATE: A significant cyberattack has breached the U.S. National Nuclear Security Administration (NNSA), exposing vulnerabilities in Microsoft’s SharePoint software. The Department of Energy confirmed the incident on Wednesday, revealing that the attack began on July 18, 2023. While officials report no sensitive information has been stolen, the implications of such a breach are alarming.
The breach was executed by state-sponsored Chinese hacking groups, including Linen Typhoon and Violet Typhoon, which exploited a zero-day vulnerability in SharePoint. This flaw has reportedly affected around 400 victims globally, according to cybersecurity firm Eye Security.
“The exploitation of Microsoft SharePoint’s vulnerabilities primarily impacts institutions operating on their own networks rather than using Microsoft’s cloud services,” noted a Department of Energy spokesperson. Fortunately, the NNSA primarily utilizes cloud services, limiting the impact to a “very small number of systems.” All affected systems are currently undergoing restoration.
Microsoft has acknowledged the breach, stating that Chinese state-linked actors are actively exploiting flaws in SharePoint software. Meanwhile, the U.S. Cybersecurity and Infrastructure Security Agency has confirmed it is aware of the ongoing exploitation of these vulnerabilities.
In response to the cyberattack, Microsoft CEO Satya Nadella has emphasized the company’s commitment to improving cybersecurity measures. Just last week, Microsoft announced it would cease employing engineers based in China for technical support on Defense Department projects, amid increasing concerns of espionage.
Chinese officials, including foreign ministry spokesperson Guo Jiakun, have denied involvement in the attacks, stating, “China opposes and fights hacking activities in accordance with the law.” However, cybersecurity experts continue to raise alarms about the potential for Chinese espionage linked to this incident.
As the investigation unfolds, the urgency for enhanced cybersecurity measures grows. Officials urge organizations to review their security protocols and remain vigilant against potential threats.
Stay tuned for more updates on this developing story as authorities work to mitigate the fallout from this unprecedented breach.