U.S. Nuclear Weapons Agency Reportedly Breached in SharePoint Cyberattack

A critical flaw in Microsoft’s on-prem SharePoint Server has opened the door to one of the year’s most serious cyberattacks. Microsoft has recently confirmed that Chinese hackers are behind it.

The company, in a recently published blog post, says the attackers exploited a zero-day vulnerability to infiltrate organizations worldwide. While Microsoft rolled out security patches quickly, the damage was already done.

Now, according to a report by Bloomberg, the U.S. Energy Department, which comes under the National Nuclear Security Administration, has also been affected by the SharePoint attack.

For the initiated, the National Nuclear Security Administration is the agency in charge of overseeing nuclear weapons and responding to radiological emergencies. While officials say no sensitive data was stolen, the idea that hostile actors got this close to nuclear-related infrastructure is enough to raise serious concerns.

The Energy Department says most of its systems were protected by Microsoft 365’s cloud protections. To catch you up, this isn’t the first time the agency’s been hit in a cyberattack. The agency’s business systems were compromised during the 2020 SolarWinds hack as well.

One thing is clear that the SharePoint attacks appear widespread, with reports of stolen credentials and remote code execution across multiple sectors. Microsoft hasn’t named all the affected organizations, but more details are expected soon in its advisory. For now, it’s best to install the important security updates released by Microsoft.