logo
Global Hack on Microsoft Hits US State Agencies

Global Hack on Microsoft Hits US State Agencies

Asharq Al-Awsat3 days ago
Hackers exploited a major security flaw in widely used Microsoft server software to launch a global attack on government agencies and businesses in the past few days, breaching US federal and state agencies, universities, energy companies and an Asian telecommunications company, according to state officials and private researchers.
Microsoft on Saturday issued an alert about 'active attacks' on self-hosted SharePoint servers, which are widely used by organizations to share documents and collaborate within organizations. SharePoint instances run off of Microsoft servers were unaffected.
The FBI said on Sunday it was aware of the attacks and was working closely with its federal and private-sector partners, but offered no other details.
The 'zero-day' attack, so called because it targeted a previously unknown vulnerability, is only the latest cybersecurity embarrassment for Microsoft.
Last year, the company was faulted by a panel of US government and industry experts for lapses that enabled a 2023 targeted Chinese hack of US government emails, including those of then-Commerce Secretary Gina Raimondo.
This most recent attack compromises only those servers housed within an organization — not those in the cloud, such as Microsoft 365, officials said.
After first suggesting that users make modifications to or simply unplug SharePoint server programs from the internet, the company on Sunday evening released a patch for one version of the software.
Two other versions remain vulnerable and Microsoft said it is continuing to work to develop a patch.
Microsoft updated its guidance Sunday with instructions to fix the problem for SharePoint Server 2019 and SharePoint Server Subscription Edition. Engineers were still working on a fix for the older SharePoint Server 2016 software.
'Anybody who's got a hosted SharePoint server has got a problem,' said Adam Meyers, senior vice president with CrowdStrike, a cybersecurity firm. 'It's a significant vulnerability.'
Pete Renals, a senior manager with Palo Alto Networks' Unit 42 said, 'We are seeing attempts to exploit thousands of SharePoint servers globally before a patch is available. We have identified dozens of compromised organizations spanning both commercial and government sectors.''
With access to these servers, which often connect to Outlook email, Teams and other core services, a breach can lead to theft of sensitive data as well as password harvesting, Netherlands-based research company Eye Security noted, according to The Washington Post.
What's also alarming, researchers said, is that the hackers have gained access to keys that may allow them to regain entry even after a system is patched.
'So pushing out a patch on Monday or Tuesday doesn't help anybody who's been compromised in the past 72 hours,' said one researcher, who spoke on the condition of anonymity because a federal investigation is ongoing.
It was not immediately clear who is behind the hacking of global reach or what its ultimate goal is.
One private research company found the hackers targeting servers in China as well as a state legislature in the eastern United States. Eye Security said it has tracked more than 50 breaches, including at an energy company in a large state and several European government agencies.
Others that were breached included a government agency in Spain, a local agency in Albuquerque and a university in Brazil, security researchers said.
One state official in the eastern US said the attackers had 'hijacked' a repository of documents provided to the public to help residents understand how their government works. The agency involved can no longer access the material, but it wasn't clear whether it was deleted.
Some security companies said they had not seen deletions in the SharePoint attacks, only the theft of cryptographic keys that would allow the hackers to reenter the servers.
CISA spokesperson Marci McCarthy said the agency was alerted to the issue Friday by a cyber research firm and immediately contacted Microsoft.
Microsoft has been faulted in the past for issuing fixes that are too narrowly designed and leave similar avenues open to attack.
Orange background

Try Our AI Features

Explore what Daily8 AI can do for you:

Comments

No comments yet...

Related Articles

Pakistan approves Skills Impact Bond for youth employment through private investment
Pakistan approves Skills Impact Bond for youth employment through private investment

Arab News

time18 minutes ago

  • Arab News

Pakistan approves Skills Impact Bond for youth employment through private investment

ISLAMABAD: Prime Minister Shehbaz Sharif on Friday approved Pakistan's first Skills Impact Bond, a new financing model aimed at mobilizing private investment to equip young people with market-relevant skills and improve their access to employment, both at home and abroad. The approval came during a high-level meeting in Islamabad focused on youth employment. According to a statement from the Prime Minister's Office, the initiative is part of a broader government effort to align vocational training with labor market demands and make Pakistani youth self-reliant through entrepreneurship and income-generating opportunities. The model, also known as 'pay-for-success,' links funding to independently verified outcomes such as job placement or minimum income levels. 'Pakistan's talented youth are the country's greatest asset,' the prime minister said at the meeting. 'By equipping them with education and skills tailored to market needs, we will transform the future of this nation.' Sharif instructed federal ministries and agencies to accelerate skills training, expand employment outreach through digital platforms and present a comprehensive roadmap based on estimates of domestic and overseas job opportunities for Pakistani youth. The prime minister approved a public awareness campaign to promote the use of the Digital Youth Hub, which has already registered over 500,000 users. The platform currently lists over 47,000 job openings in Pakistan and more than 100,000 overseas, along with 2,000 scholarship opportunities. He also emphasized preparing skilled workers specifically for international job markets and directed relevant departments to offer foreign language training for countries with high demand for labor.

Education department says it will release billions in remaining withheld grant money for schools
Education department says it will release billions in remaining withheld grant money for schools

Al Arabiya

time18 minutes ago

  • Al Arabiya

Education department says it will release billions in remaining withheld grant money for schools

The Trump administration is releasing billions of dollars in grants to schools for adult literacy, English language instruction, and other programs, the Education Department said Friday. President Donald Trump's administration had withheld more than 6 billion in funding on July 1 as part of a review to ensure spending aligned with the White House's priorities. The funding freeze had been challenged by several lawsuits as educators, Congress members from both parties, and others called for the administration to release money schools rely on for a wide range of programs. Congress had appropriated the money in a bill signed this year by Trump. Last week, the Education Department said it would release 1.3 billion of the money for after-school and summer programming. Without the money, school districts and nonprofits, such as the YMCA and Boys and Girls Club of America, had said they would have to close or scale back educational offerings this fall. The release of that money came days after 10 Republican senators sent a letter imploring the administration to allow frozen education money to be sent to states. Those senators had also called for the rest of the money to be distributed, including funds for adult education and teaching English as a second language. The Education Department said Friday the Office of Management and Budget had completed its review of the programs and will begin sending the money to states next week. US Sen. Shelley Moore Capito, was among the Congress members calling for the release of the grants. 'The programs are ones that enjoy longstanding bipartisan support,' she said. She pointed to after-school and summer programs that allow parents to work while their children learn and classes that help adults gain new skills–contributing to local economies. In withholding the funds, the Office of Management and Budget had said some of the programs supported a 'radical leftwing agenda.' 'We share your concern,' the GOP senators had written. 'However, we do not believe that is happening with these funds.' School superintendents had warned they would have to eliminate academic services without the money. On Friday, AASA, an association of superintendents, thanked members of Congress for pressing to release the money. ___ The Associated Press education coverage receives financial support from multiple private foundations. AP is solely responsible for all content. Find AP's standards for working with philanthropies, a list of supporters, and funded coverage areas at

OPEC says JMMC does not hold decision-making authority over production levels
OPEC says JMMC does not hold decision-making authority over production levels

Al Arabiya

timean hour ago

  • Al Arabiya

OPEC says JMMC does not hold decision-making authority over production levels

The Organization of the Petroleum Exporting Countries (OPEC) said on Friday that the joint ministerial monitoring committee (JMMC), scheduled to convene on Monday, does not hold decision-making authority over production levels. OPEC added that claims linking the JMMC meeting to oil output changes or voluntary adjustments are 'inaccurate and fall outside its mandate.' An OPEC+ panel is unlikely to alter existing plans to raise oil output when it meets, four OPEC+ delegates said, noting the producer group is keen to recover market share while summer demand is helping to absorb the extra barrels.

DOWNLOAD THE APP

Get Started Now: Download the App

Ready to dive into a world of global content with local flavor? Download Daily8 app today from your preferred app store and start exploring.
app-storeplay-store