 |
Microsoft accuses Chinese hackers of attacking SharePoint software. Photo: Pixabay . |
The US National Nuclear Security Administration (NNSA), the agency responsible for maintaining and designing the nuclear arsenal, has become one of the victims of a cyberattack targeting Microsoft's SharePoint document management software, an anonymous source told Bloomberg .
The source, who was not authorized to speak publicly and requested anonymity, said no sensitive or classified information was compromised in the attack on NNSA. Several other parts of the Energy Department were also affected.
When asked for comment on the matter, NNSA referred all questions to the Department of Energy.
“On Friday, July 18, exploitation of a Microsoft SharePoint vulnerability began affecting the Department of Energy. However, the impact was minimal due to the extensive use of the Microsoft M365 cloud platform and effective cybersecurity systems. A very small number of systems were compromised and all are being restored,” a Department of Energy spokesperson said.
NNSA’s missions are diverse, including providing nuclear reactors for Navy submarines and responding to radiological emergencies. The agency also plays a key role in counterterrorism and transporting nuclear weapons across the United States.
According to Bloomberg , the attack was part of a larger cyberattack in 2020 that targeted widely used SolarWinds software, which allowed hackers to break into the NNSA. A Department of Energy spokesperson said the malware was “isolated to business networks” and did not have a wider impact.
Microsoft has accused Chinese hackers of being behind the attacks, which exploited vulnerabilities in popular SharePoint software to infiltrate governments, businesses and organizations around the world .
Bloomberg previously reported that in some cases, hackers stole login credentials, including usernames, passwords, hashes and tokens.
In addition to the Department of Energy, the hacker group also broke into the systems of governments in Europe, the Middle East, the US Department of Education , the Florida Department of Revenue and the Rhode Island State Legislature. However, the full extent of the damage is still unclear.
These vulnerabilities only affect SharePoint customers who self-manage the software on their own networks, not those using Microsoft's cloud services.
In a blog post on July 22, Microsoft identified two Chinese hacker groups — “Linen Typhoon” and “Violet Typhoon” — that exploited the SharePoint vulnerabilities. The post added that another China-based hacker group, which Microsoft named Storm-2603, had also exploited the vulnerabilities.
Source: https://znews.vn/co-quan-hat-nhan-my-bi-tin-tac-tan-cong-post1570931.html
![[Photo] Signing of cooperation between ministries, branches and localities of Vietnam and Senegal](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/7/24/6147c654b0ae4f2793188e982e272651)
Comment (0)