U.S. nuclear weapons agency was among those breached in a Microsoft SharePoint hack

Source Cryptopolitan

The National Nuclear Security Administration, which oversees the design and upkeep of America’s nuclear weapons arsenal, was among those whose systems were breached as part of the recent Microsoft SharePoint hack.

An anonymous source from the NNSA said no classified or sensitive data appears to have been stolen in the NNSA breach. When asked about the breach, the NNSA directed all inquiries to the Department of Energy, which oversees the administration as part of its wider responsibilities.

“On Friday, July 18th, the exploitation of a Microsoft SharePoint zero-day vulnerability began affecting the Department of Energy,” an agency spokesman said. 

“The department was minimally impacted due to its widespread use of the Microsoft M365 cloud and capable cybersecurity systems. A small number of systems were impacted. All impacted systems are being restored.”

The NNSA carries out a wide range of duties beyond managing nuclear arms. It builds naval reactors for the Navy’s submarine fleet, responds to emergencies at home and abroad, helps transport nuclear weapons safely across the United States, and supports counterterrorism efforts.

This was not the first time hackers had penetrated NNSA-linked networks via a third-party tool. In 2020, the agency was targeted in an attack on SolarWinds Corp., whose software is used for network management. At the time, the Energy Department said malware had “been isolated to business networks only.”

Microsoft blamed state-sponsored hackers from China

The breach exploited weaknesses in the SharePoint platform and hit governments and businesses worldwide. In some cases, attackers stole sign‑in info such as usernames and passwords along with tokens and hash codes, according to an earlier Bloomberg report. 

Beyond the Energy Department, this breach extended to systems in national governments across ME and EU, as well as to several U.S. agencies, including the Education Department, the Rhode Island General Assembly, and Florida’s Department of Revenue.

Investigators say the full scope of the intrusion is still being determined. The software flaws affect organizations that run SharePoint locally rather than through Microsoft’s cloud service, leaving on-site installations particularly at risk.

In a Tuesday blog post, Microsoft named two hacking teams linked to China. These include Violet Typhoon and Linen Typhoon. The post mentioned a third group called Storm-2603 using similar tactics to breach systems.

On Monday, Charles Carmakal, chief technology officer at Mandiant, a Google‑owned cybersecurity firm, said in a LinkedIn post: “We assess that at least one of the actors responsible for the early exploitation is a China-nexus threat actor.”

The US Cybersecurity and Infrastructure Security Agency, or CISA, confirmed on Sunday that it was “aware of active exploitation” of the SharePoint weakness. Microsoft responded by issuing patches for local versions of SharePoint, then released a third fix on Monday.

SharePoint is a core part of Microsoft’s Office suite. It serves as a collaboration hub, letting employees inside organizations access shared files and documents through a central portal.

Microsoft has been attacked by Chinese hacker teams in the past

Last year, Chief Executive Officer of Microsoft Satya Nadella declared cybersecurity as the top priority for the company after a government report slammed the company’s response to a Chinese breach of email accounts belonging to officials. 

Earlier this month, Microsoft told customers it would no longer rely on Chinese engineers for cloud services provided to the Pentagon, following media reports that the setup could have allowed attacks on defense systems belonging to the US.

In 2021, another group called Hafnium, linked to China, exploited a separate flaw in Microsoft’s Exchange Server software to break into networks at organizations worldwide.

In a statement emailed to reporters, the Chinese embassy in Washington said Beijing opposed “all forms of cyberattacks” and warned against “smearing others without solid evidence.”

Security researchers first spotted the vulnerability in May during a hacking contest in Berlin organized by Trend Micro. The event offered cash prizes to those who could find undisclosed software bugs. The competition included a $100,000 award for zero-day exploits targeting SharePoint, highlighting how high‑stakes these hidden flaws can be.

Cryptopolitan Academy: Tired of market swings? Learn how DeFi can help you build steady passive income. Register Now

Disclaimer: For information purposes only. Past performance is not indicative of future results.
placeholder
Ripple’s $21 Trillion Dream: What Capturing 20% Of SWIFT Volume Means For XRPRipple Labs, a crypto payments company, continues to set its ambitions and those of XRP higher than ever as it edges closer to disrupting the global financial messaging giant SWIFT. After Ripple CEO
Author  NewsBTC
7 Month 14 Day Mon
Ripple Labs, a crypto payments company, continues to set its ambitions and those of XRP higher than ever as it edges closer to disrupting the global financial messaging giant SWIFT. After Ripple CEO
placeholder
Ethereum Price Momentum Explodes—Is the Path to $4K Wide Open?Ethereum price started a fresh increase above the $3,750 zone. ETH is now showing bullish signs and might continue to rise toward the $3,950 zone. Ethereum started a fresh increase above the $3,750
Author  NewsBTC
7 Month 22 Day Tue
Ethereum price started a fresh increase above the $3,750 zone. ETH is now showing bullish signs and might continue to rise toward the $3,950 zone. Ethereum started a fresh increase above the $3,750
placeholder
Oil Prices Rise on Sharp U.S. Inventory Drop; Trade Deals Take Center StageOil prices edged higher during Thursday’s Asian trading session, supported by data showing a sharp drop in U.S. crude inventories, as investors cautiously awaited developments on trade agreements ahead of Donald Trump’s looming deadline.
Author  Mitrade
16 hours ago
Oil prices edged higher during Thursday’s Asian trading session, supported by data showing a sharp drop in U.S. crude inventories, as investors cautiously awaited developments on trade agreements ahead of Donald Trump’s looming deadline.
placeholder
Dollar Inches Higher as Traders Await ECB Decision and U.S. Data ReleasesThe U.S. dollar edged higher Thursday but remains at low levels, while the euro slipped ahead of the latest policy-setting meeting from the European Central Bank.
Author  Mitrade
15 hours ago
The U.S. dollar edged higher Thursday but remains at low levels, while the euro slipped ahead of the latest policy-setting meeting from the European Central Bank.
placeholder
Tesla Shares Slide as Musk Warns of Tough Quarters Ahead Amid Weaker DemandTesla (NASDAQ: TSLA) shares fell more than 5% in U.S. premarket trading on Thursday, after CEO Elon Musk cautioned investors about a potentially challenging period for the electric vehicle giant. The warning comes as the company struggles with softer consumer demand and the looming expiration of key federal tax incentives for EV buyers.
Author  Mitrade
14 hours ago
Tesla (NASDAQ: TSLA) shares fell more than 5% in U.S. premarket trading on Thursday, after CEO Elon Musk cautioned investors about a potentially challenging period for the electric vehicle giant. The warning comes as the company struggles with softer consumer demand and the looming expiration of key federal tax incentives for EV buyers.
goTop
quote