Approximately 400 government institutions, corporations and other organizations became victims of a large-scale hacker attack on the servers of users of the SharePoint service from Microsoft. About this informs Bloomberg.
According to updated data, the number of affected organizations has increased more than six times. Most of the victims were found in the United States, as well as in Mauritius, Jordan, South Africa and the Netherlands. Among the targets of the attack was the US National Nuclear Security Administration, which is responsible for maintaining the US nuclear arsenal.
Earlier this week, Microsoft reported “active attacks” on local servers of users of SharePoint — a service for collaboration, data sharing, and synchronization. At the same time, the cloud version of SharePoint Online, which is part of Microsoft 365, remained untouched.
Microsoft urged all customers to update the software immediately, as the update “fully protects” users of SharePoint Subscription Edition and SharePoint 2019. Patches for SharePoint 2016 are still in the works.
The US Cybersecurity and Infrastructure Protection Agency (CISA) confirmed that a vulnerability in Microsoft software allowed attackers to gain access to SharePoint content and systems, including file structures and internal configurations. Microsoft notes that the hacker groups Linen Typhoon and Violet Typhoon are behind the cyber attack, which, according to their information, act with the support of the Chinese state.
