Massive SharePoint breach, including US nuclear agency - Microsoft links attack to 3 China-backed hackers


Times of India, 23-07-2025
A major cyberattack has hit Microsoft's SharePoint server software, affecting many organizations around the world. Microsoft confirmed that three Chinese hacker groups — Violet Typhoon, Linen Typhoon, and Storm-2603 — are involved in the attack, as per the Microsoft Blog.
These hackers exploited major flaws in Microsoft's on-premises SharePoint servers, not the cloud-based ones. The flaws allowed the hackers to break in remotely, giving them access to internal systems of many victims. The cyberattack started on Saturday, July 18, according to Microsoft's initial report, as per the reports.
U.S. government agencies hit by hackers
U.S. federal investigators say that at least two federal agencies were affected, and that number may rise. One official said they believe four to five federal agencies may have been breached. The U.S. National Nuclear Security Administration (NNSA) was also hacked. This agency designs and manages U.S. nuclear weapons, according to the report by Bloomberg.
Luckily, no classified or sensitive data appears to have been stolen from NNSA. The Energy Department confirmed it was also impacted by the breach but said only a few systems were affected. The Energy Department explained that because it uses Microsoft M365 cloud systems, the damage was limited.
All affected Energy Department systems are now being restored, according to its spokesperson. The attack used two main vulnerabilities: CVE-2025-49706 and CVE-2025-49704. These bugs are only present in SharePoint servers that are managed on-site by customers — not in Microsoft's cloud version, as stated by Microsoft.
Microsoft issues fixes, but hackers still a threat
Microsoft released security patches on July 19 to fix these issues and urged users to install them immediately. The company also warned that more hackers might start using the same flaws if users don't update their systems. Microsoft says there is "high confidence" that hackers will continue to exploit the bugs if servers remain unpatched, as per the reports.
Private cybersecurity firm Mandiant said that at least one group involved is linked to Beijing. Another major cybersecurity researcher said the behavior they saw 'lines up perfectly' with Chinese hackers. Microsoft stated that hackers used post-exploitation techniques, which means they dug deeper into systems after breaking in.
Microsoft also warned about possible data theft including usernames, passwords, tokens, and hash codes. The FBI and CISA are working with Microsoft to investigate and respond to the attacks. The White House and Chinese Embassy in Washington did not respond to questions about China's involvement. As of now, the U.S. government has not officially blamed China for the breaches, as per the POLITICO report.
More groups could be in danger worldwide
Silas Cutler, a researcher at scanning firm Censys, and Piotr Kijewski, CEO of The Shadowserver Foundation, said about 100 organizations have been affected so far. They also warned that thousands more organizations could still be vulnerable to this same attack. Some of the other victims include national governments in Europe and the Middle East, Florida's Department of Revenue, and the Rhode Island General Assembly, as per the report by Bloomberg.
Microsoft failed to patch at least one of the bugs earlier this month and only released partial fixes for others. Microsoft now recommends using updated SharePoint server versions and turning on Defender Antivirus or similar tools. They also advise customers to rotate SharePoint ASP.NET machine keys, restart IIS servers, and use Full Mode AMSI scanning. Microsoft said it is working closely with CISA, the Department of Defense Cyber Command, and other global partners.
Microsoft faces heat from U.S. lawmakers
The attack is one of the biggest cybersecurity threats during Donald Trump's second term in office so far. Microsoft says other non-China hacker groups are also trying to use the same bugs to attack more victims. Charles Carmakal, CTO of Mandiant, warned that more hackers will 'leverage this exploit' soon.
Lawmakers are now criticizing Microsoft for putting U.S. systems at risk and still depending on China-based engineers. Sen. Ron Wyden said Microsoft is selling security upgrades while failing to secure its main products. Lawmakers from the House Homeland Security Committee have asked Microsoft and CISA for a briefing on the issue, as stated by POLITICO.
In a similar 2020 SolarWinds hack, the NNSA had also been breached, but the malware stayed only on business networks. In 2023, Chinese hackers exploited Microsoft again and stole emails from the U.S. ambassador to China and Commerce Secretary. That 2023 attack led to a federal review panel criticizing Microsoft for poor security practices, as per the Bloomberg report.
Recently, the Pentagon said it will review all its cloud systems, after reports that China-based engineers worked on Pentagon-related tech. This latest breach is now adding pressure on Microsoft to improve its products and regain trust from the U.S. government, as per the reports.
FAQs
Q1. What caused the Microsoft SharePoint hack in 2025?
Hackers exploited security flaws in Microsoft's on-premises SharePoint servers to access many organizations' systems.
Q2. Which U.S. agencies were affected by the SharePoint cyberattack?
At least two federal agencies, including the National Nuclear Security Administration and the Energy Department, were impacted.