Microsoft says China-backed cybercriminals hacked into US nuclear weapons agency
The National Nuclear Security Administration, a semi-autonomous agency that operates under the auspices of the Department of Energy, was among the targets of a hack allegedly carried out by Chinese-backed cybercriminals, according to Bloomberg News.
A Dutch cybersecurity company estimates that around 400 government agencies in the US, Mauritius, Jordan, South Africa and the Netherlands were impacted by the hack, according to Bloomberg News.
Advertisement
4 A US government agency responsible for maintaining the nation's stockpile of nuclear weapons was reportedly targeted in a hack by Chinese-backed cybercriminals.
U.S. DepartmentofDefense
The Dutch firm, Eye Security, previously estimated that just 60 entities were impacted.
A source familiar with the situation told the financial news site on Tuesday that no sensitive or classified information was known to have been stolen in the hack, which was made possible by exploiting a flaw in Microsoft's SharePoint document management software.
'On Friday, July 18th, the exploitation of a Microsoft SharePoint zero-day vulnerability began affecting the Department of Energy,' an agency spokesman told Bloomberg News.
Advertisement
'The department was minimally impacted due to its widespread use of the Microsoft M365 cloud and very capable cybersecurity systems. A very small number of systems were impacted. All impacted systems are being restored.'
The breaches have been ongoing since at least July 7, according to Adam Meyers, senior vice president at CrowdStrike, the cybersecurity firm that has partnered with Microsoft to ward off potential cyber threats.
'The early exploitation resembled government-sponsored activity, and then spread more widely to include hacking that 'looks like China',' Meyers told Bloomberg News. CrowdStrike's investigation into the campaign remains ongoing.
Advertisement
4 In a blog post, Microsoft identified two reputed cybercriminal organizations, Linen Typhoon and Violet Typhoon, in the alleged scheme.
Bloomberg via Getty Images
The Post has sought comment from the NNSA, Microsoft, CrowdStrike and Eye Security.
In a blog post, the tech giant identified two reputed cybercriminal organizations, Linen Typhoon and Violet Typhoon, in the alleged scheme to exploit flaws in Microsoft's software that is used by customers on their own networks rather than in the more secure cloud.
These customers are at risk of having their data compromised by the hackers, according to Microsoft, which also fingered a third Chinese-based organization, Storm-2603, as doing the same.
Advertisement
Every morning, the NY POSTcast offers a deep dive into the headlines with the Post's signature mix of politics, business, pop culture, true crime and everything in between. Subscribe here!
Microsoft SharePoint is a platform used to store, organize, share and manage internal web content across an organization — similar to intranets.
The NNSA wasn't the only agency that was targeted in the alleged cyberattack.
Among the victims are the US Department of Education, Florida's Department of Revenue and the Rhode Island General Assembly, which is the Ocean State's legislative body.
Internationally, governments in Europe and the Middle East have also been targeted. Cybersecurity researchers have detected breaches on more than 100 servers, representing at least 60 victims across various sectors, including energy, consulting and academia.
4 The National Nuclear Security Administration is a semi-autonomous agency that operates under the auspices of the Department of Energy.
Jarretera – stock.adobe.com
Microsoft has patched the vulnerabilities in recent days, but the company expressed concern that hackers will continue to exploit these flaws in future attacks.
'We have high confidence that threat actors will continue to integrate them into their attacks,' Microsoft stated in its blog post.
Advertisement
'China opposes and fights hacking activities in accordance with the law. At the same time, we oppose smears and attacks against China under the excuse of cybersecurity issues,' a spokesperson for the Chinese embassy said in a statement.
Cybersecurity experts have expressed grave concerns about the severity of the threat.
Michael Sikorski, chief technology officer and head of threat intelligence for Unit 42 at Palo Alto Networks Inc., described the situation as a 'high-severity, high-urgency threat.'
Advertisement
He emphasized the risks posed by SharePoint's deep integration with Microsoft's ecosystem, which includes services like Office, Teams, OneDrive and Outlook — all of which contain valuable data for attackers.
4 This archive picture shows the first B61-13 HiFi nuclear bomb unit completed at Sandia National Labs in Albuquerque earlier this year.
Craig Fritz/Sandia National Labs / SWNS
Eye Security reported that the flaws allow hackers to access SharePoint servers and steal authentication keys, enabling them to impersonate users or services even after patches are applied.
'We estimate that the real number might be much higher as there can be many more hidden ways to compromise servers that do not leave traces,' Eye Security's co-owner Vaisha Bernard said in an email to Bloomberg News.
Advertisement
'This is still developing, and other opportunistic adversaries continue to exploit vulnerable servers.'
Despite Microsoft's efforts to bolster its security measures, including hiring executives from government agencies and holding weekly security meetings, the recent breaches have drawn renewed scrutiny.
The US government issued a report last year that was critical of Microsoft's lax security culture.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Business Insider
12 minutes ago
- Business Insider
India ramps up rare earth partnership with 5 African nations to counter China's dominance
India is intensifying its engagement with Africa in a strategic bid to diversify its sources of rare earth elements (REEs) amid growing global concerns over China's dominance in the critical minerals market. India is enhancing collaborations with Africa to secure rare earth elements (REEs) and reduce its reliance on China. This move addresses global concerns over China's dominance, controlling over 90% of REE supply, and its recent export restrictions. India's partnerships include agreements with Zambia, Zimbabwe, Mozambique, Malawi, Côte D'Ivoire and other countries Reuters reports that China currently controls over 90% of the global supply, raising urgent concerns about supply chain security. Earlier this year, Beijing further restricted the export of rare-earth magnets, escalating pressure on countries dependent on the technology. In response, India has stepped up its bilateral outreach to strengthen its supply chain and reduce reliance on Chinese exports. According to India's Minister of State for Atomic Energy, Jitendra Singh, New Delhi already has cooperation agreements in place with mineral-rich countries, including key African suppliers of rare earth and critical minerals. "In the interest of developing bilateral cooperation with countries having rich mineral resources, the Ministry of Mines has entered into bilateral agreements with the governments of several countries, including Australia, Argentina, Zambia, Peru, Zimbabwe, Mozambique, Malawi, and Côte D'Ivoire, as well as international organizations such as the International Energy Agency (IEA)," Singh said in a written statement. While India's engagement also spans countries in Latin America and Asia, Africa stands out as a vital partner due to its vast untapped reserves and growing geopolitical importance. Consequently the emerging Asian giant has begun initiating government-to-government memorandums of understanding (MoUs) with countries like Brazil and the Dominican Republic. Singh added, " The broad objective of the MoUs is to provide an overarching framework for cooperation in research, development, and innovation in mining, with a particular focus on rare earth elements (REE) and critical minerals." Mineral-rich Africa emerges as rare earth battleground Africa, endowed with vast reserves of rare earth minerals vital to modern technology, has become the epicentre of a growing geopolitical contest involving China, the West, and India. These minerals, essential for powering electric vehicles, smartphones, military systems, and clean energy technologies, are now seen as strategic assets that could reshape the global balance of power. India, now the world's fifth-largest economy, is leveraging its democratic credentials and expanding global clout to position itself as a strategic partner. Its investments, particularly in sectors like electric mobility, defence, and renewable energy, rely heavily on a stable supply of rare earths. This engagement initiated by India, is part of a broader global race not only to access raw materials but to influence the future of manufacturing, trade, and technological advancement. Unlike previous extractive models, the emerging approach places greater emphasis on value addition within Africa. Many governments across the continent are pushing for processing, infrastructure development, and local job creation, aiming to convert mineral wealth into long-term economic growth.
31 minutes ago
Hong Kong's CK Hutchison seeks Chinese investor to join Panama Ports deal
HONG KONG -- A Hong Kong conglomerate that's selling ports at the Panama Canal said Monday it may seek a Chinese investor to join a consortium of buyers, a move that could please Beijing but bring more U.S. scrutiny to the geopolitically fraught deal. CK Hutchison Holdings' initial plan to sell port assets in dozens of countries to a group that includes U.S. investment firm BlackRock Inc. pleased President Donald Trump, who has alleged that China interferes with the critical shipping lane's operations in Panama. However, they apparently angered Beijing and drew a review from Chinese anti-monopoly authorities. A Beijing-backed newspaper posted scathing commentaries about the deal, with one describing it as a betrayal of all Chinese. Beijing's offices overseeing Hong Kong affairs have reposted some of these commentaries, widely seen as an indication of Chinese leaders' stance. A Hutchison subsidiary has operated ports at both ends of the Panama Canal since 1997. After months of uncertainty brought by tensions between Washington and Beijing, Hutchison said in a statement that the exclusive negotiations period with the consortium has expired. However, it added 'the Group remains in discussions with members of the consortium with a view to inviting major strategic investor from the PRC to join as a significant member of the consortium,' referring to the People's Republic of China. It said they needed to change the membership of the consortium and the structure of the transaction for the deal to be able to pass reviews by 'all relevant authorities." The awkward position Hutchison found itself in for months highlights the challenges Hong Kong business elites face in navigating Beijing's expectations of national loyalty, especially when relations between China and the United States are strained. Hong Kong has overhauled its electoral system to ensure the city is run by 'patriots.' CK Hutchison is owned by the family of Hong Kong's richest man, Li Ka-shing. It announced March 4 that it would sell all its shares in Hutchison Port Holdings and in Hutchison Port Group Holdings to the consortium that also includes BlackRock subsidiary Global Infrastructure Partners and Terminal Investment Limited, a subsidiary of the Mediterranean Shipping Company. In May, Hutchinson co-managing director, Dominic Lai told shareholders that Terminal Investment was the main investor. Its parent company is led by Italian shipping scion Diego Aponte, whose family reportedly has a longstanding relationship with Li's. The initial deal, valued at nearly $23 billion including $5 billion in debt, would have given the consortium control over 43 ports in 23 countries, including the ports of Balboa and Cristobal, located at either end of the canal. That agreement also required approval from Panama's government.
CNBC
42 minutes ago
- CNBC
Fair to say the US and China have reached some level of transactional stabilization, says AXA IM
Ecaterina Bigos of AXA Investment Managers says that US-China trade relations have somewhat stabilized even as the former aims to strategically de-risk from the latter. She says she remains "razor focused" on sectors and stocks which receive policy support when investing in the Chinese markets.
