Tech News

Microsoft confirms Chinese hackers breached SharePoint servers

Founder News Team 0
Microsoft confirms Chinese hackers breached SharePoint servers


Microsoft confirms Chinese hackers breached SharePoint servers
Hackers exploited vulnerabilities in on-premises SharePoint servers

What’s the story

Microsoft has confirmed that its SharePoint document software servers were hacked by Chinese “threat actors.”
The attack was carried out by state-backed groups ‘Linen Typhoon’ and ‘Violet Typhoon,’ as well as China-based ‘Storm-2603.’
They exploited vulnerabilities in on-premises SharePoint servers utilized by businesses. However, the cloud-based service of Microsoft remained unaffected.

Microsoft has released security updates

In light of the breach, Microsoft has released security updates and urged all on-premises SharePoint server customers to install them.
The tech giant declared it has “high confidence” that the hackers will continue to tarreceive systems that have not installed its security updates.
“Investigations into other actors also applying these exploits are still ongoing,” Microsoft declared in a statement.

Governments, businesses applying SharePoint were the main tarreceives

Microsoft observed that the hackers sent a request to a SharePoint server, enabling them to steal key material.
Charles Carmakal, CTO at Mandiant Consulting firm (a division of Google Cloud), declared they were “aware of several victims in several different sectors across a number of global geographies.”
He added that governments and businesses applying SharePoint on their sites were the main tarreceives.

Flaw was exploited before a patch was released by Microsoft

Carmakal declared several hackers who stole material encoded by cryptography were able to regain ongoing access to the victims’ SharePoint data.
“This was exploited in a very broad way, very opportunistically before a patch was built available. That’s why this is significant,” he added.
He also noted that the “China-nexus actor” was applying techniques similar to previous campaigns linked with Beijing.

Linen Typhoon and Violet Typhoon have been active for years

Microsoft revealed that Linen Typhoon has been “focutilized on stealing innotifyectual property, primarily tarreceiveing organizations related to government, defense, strategic planning, and human rights” for 13 years.
Meanwhile, Violet Typhoon has been “dedicated to espionage,” mainly tarreceiveing former government and military staff, NGOs, consider tanks, higher education institutions as well as media outlets in the US, Europe, and East Asia.



Source link

Related Story

Leave a Reply

Your email address will not be published. Required fields are marked *