US Politics
US government agencies are under attack in widespread Microsoft hack
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it’s investigating the financials of Elon Musk’s pro-Trump PAC or producing our latest documentary, ‘The A Word’, which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.
Read more
A major hack targeting servers running Microsoft’s SharePoint software has reportedly impacted at least two U.S. government agencies among hundreds of other targets around the world.
Tens of thousands of servers hosting the software, which is used for sharing and managing documents, could potentially be at risk as a result of the “zero day” cyberattack, according to The Washington Post.
By obtaining access to internal servers, the hackers may have been able to steal sensitive data from connected Outlook and Teams accounts, including passwords, as well as cryptographic keys to allow them back in. Cloud-based services are not thought to have been compromised.
Microsoft has already issued one patch to address the vulnerability but, at the time of writing, two more versions of SharePoint were still awaiting custom patches of their own.
open image in gallery
The two U.S. agencies affected could not be named by researchers because of confidentiality agreements, according to the Post, but the FBI has said it is aware of the matter and is investigating.
“We are working closely with our federal government and private sector partners,” the bureau said.
It is not yet clear who is behind the attack, although the Post reports that a state legislature in the eastern United States was targeted, as were institutions in China. A local government agency in Spain and a university in Brazil were also hit.
An official with the aforementioned eastern state said the attackers had “hijacked” a repository of documents made available to residents to help them understand the workings of government, leaving the agency currently unable to access the material in question, which may or may not have been deleted by the raiders.
“We will need to make these documents available again in a different repository,” they pledged.
open image in gallery
According to Marci McCarthy, spokesperson for the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the hack came after Microsoft fixed a security flaw in SharePoint earlier this month, which inadvertently alerted the hackers that they might be able to exploit a similar vulnerability.
McCarthy said CISA was alerted to the hack by a cyber research firm on Friday and immediately flagged it to Microsoft.
She denied that her agency was “asleep at the wheel” without a permanent director in charge, as nominee Sean Plankey continues to serve in an acting capacity only as he awaits confirmation by the Senate.
Microsoft is a major tech vendor to governments around the world but is not immune to targeting by cybercriminals.
The corporation announced on Friday that it would stop employing China-based engineers to work on Defense Department cloud computing contracts after Defense Secretary Pete Hegseth ordered a review of its infrastructure amid global espionage concerns.
