Microsoft says China-backed cybercriminals hacked into US nuclear weapons agency
Share this @internewscast.com

Microsoft has issued a warning that hackers sponsored by the Chinese state have infiltrated its SharePoint software, which is utilized by the US agency that handles the upkeep and advancement of the country’s nuclear weapons arsenal, as stated in a report.

The National Nuclear Security Administration, which operates with some autonomy under the Department of Energy, was reportedly one of the entities attacked by Chinese-backed cybercriminals, Bloomberg News reported.

A Dutch cybersecurity firm estimates that about 400 government entities in the United States, Mauritius, Jordan, South Africa, and the Netherlands have been affected by the breach, according to Bloomberg News.

The Dutch firm, Eye Security, previously estimated that just 60 entities were impacted.

A source familiar with the situation told the financial news site on Tuesday that no sensitive or classified information was known to have been stolen in the hack, which was made possible by exploiting a flaw in Microsoft’s SharePoint document management software.

“On Friday, July 18th, the exploitation of a Microsoft SharePoint zero-day vulnerability began affecting the Department of Energy,” an agency spokesman told Bloomberg News.

“The department was minimally impacted due to its widespread use of the Microsoft M365 cloud and very capable cybersecurity systems. A very small number of systems were impacted. All impacted systems are being restored.”

The breaches have been ongoing since at least July 7, according to Adam Meyers, senior vice president at CrowdStrike, the cybersecurity firm that has partnered with Microsoft to ward off potential cyber threats.

“The early exploitation resembled government-sponsored activity, and then spread more widely to include hacking that ‘looks like China’,” Meyers told Bloomberg News. CrowdStrike’s investigation into the campaign remains ongoing.

The Post has sought comment from the NNSA, Microsoft, CrowdStrike and Eye Security.

In a blog post, the tech giant identified two reputed cybercriminal organizations, Linen Typhoon and Violet Typhoon, in the alleged scheme to exploit flaws in Microsoft’s software that is used by customers on their own networks rather than in the more secure cloud. 

These customers are at risk of having their data compromised by the hackers, according to Microsoft, which also fingered a third Chinese-based organization, Storm-2603, as doing the same. 


Every morning, the NY POSTcast offers a deep dive into the headlines with the Post’s signature mix of politics, business, pop culture, true crime and everything in between. Subscribe here!


Microsoft SharePoint is a platform used to store, organize, share and manage internal web content across an organization — similar to intranets.

The NNSA wasn’t the only agency that was targeted in the alleged cyberattack.

Among the victims are the US Department of Education, Florida’s Department of Revenue and the Rhode Island General Assembly, which is the Ocean State’s legislative body.

Internationally, governments in Europe and the Middle East have also been targeted. Cybersecurity researchers have detected breaches on more than 100 servers, representing at least 60 victims across various sectors, including energy, consulting and academia.

Microsoft has patched the vulnerabilities in recent days, but the company expressed concern that hackers will continue to exploit these flaws in future attacks.

“We have high confidence that threat actors will continue to integrate them into their attacks,” Microsoft stated in its blog post.

“China opposes and fights hacking activities in accordance with the law. At the same time, we oppose smears and attacks against China under the excuse of cybersecurity issues,” a spokesperson for the Chinese embassy said in a statement.

Cybersecurity experts have expressed grave concerns about the severity of the threat.

Michael Sikorski, chief technology officer and head of threat intelligence for Unit 42 at Palo Alto Networks Inc., described the situation as a “high-severity, high-urgency threat.”

He emphasized the risks posed by SharePoint’s deep integration with Microsoft’s ecosystem, which includes services like Office, Teams, OneDrive and Outlook — all of which contain valuable data for attackers.

Eye Security reported that the flaws allow hackers to access SharePoint servers and steal authentication keys, enabling them to impersonate users or services even after patches are applied.

“We estimate that the real number might be much higher as there can be many more hidden ways to compromise servers that do not leave traces,” Eye Security’s co-owner Vaisha Bernard said in an email to Bloomberg News.

“This is still developing, and other opportunistic adversaries continue to exploit vulnerable servers.”

Despite Microsoft’s efforts to bolster its security measures, including hiring executives from government agencies and holding weekly security meetings, the recent breaches have drawn renewed scrutiny.

The US government issued a report last year that was critical of Microsoft’s lax security culture.

Share this @internewscast.com
You May Also Like
Bryan Kohberger at his sentencing hearing.

Gruesome Attack by Bryan Kohberger Left Idaho Student Unidentifiable, Disturbing Files Expose Details of Crime

IDAHO killer Bryan Kohberger reportedly left one of his victims in a…
Democratic Governor Tony Evers says he won't seek third term in battleground Wisconsin

Wisconsin’s Democratic Governor, Tony Evers, announces he won’t run for a third term in the key swing state.

MADISON, Wis. — On Thursday, Wisconsin’s Democratic governor, Tony Evers, confirmed that…
Chicago Mayor Brandon Johnson says he will not ask for property tax increase in budget, working to 'find progressive revenue'

Chicago Mayor Brandon Johnson Commits to No Property Tax Increase in Budget, Seeks ‘Progressive Revenue’ Solutions

CHICAGO (WLS) — Mayor Brandon Johnson addressed concerns on Thursday about potential…
Headshot of a smiling woman with blonde hair.

Coldplay ‘Kiss Cam Mistress’ Resigns from Astronomer Amid Cheating Scandal; CEO Andy Byron Steps Down Shortly After

ASTRONOMER’S HR supremo Kristin Cabot has resigned from her position at the…
Mugshot of Bryan Kohberger.

Bryan Kohberger Appears Expressionless in New Mugshot Amid News He Won’t Immediately Serve 4 Life Sentences

KILLER Bryan Kohberger has been pictured looking gaunt with a blank stare…
Brute on FBI’s ‘most wanted’ list for tossing cinderblock during anti-ICE riots finally busted at border

Fugitive on FBI’s ‘Most Wanted’ List for Cinderblock Incident During Anti-ICE Protests Finally Caught at Border

The masked individual accused of throwing concrete blocks at federal agents during…
Rapper GloRilla is arrested on drug charges following investigation of a burglary at her home

Rapper GloRilla Arrested for Drug Offenses After Home Burglary Investigation

This week, rapper GloRilla faced arrest on felony drug charges after police…
Suspects in Kansas City Chiefs fans’ deaths face murder charges for first time in crucial test for case

Murder Charges Filed Against Suspects in Kansas City Chiefs Fans’ Deaths: A Critical Moment for the Case

Two individuals are set to appear in court on Thursday to face…
Trump assassination attempt suspect Ryan Routh can represent himself at trial, federal judge rules

Federal Judge Allows Ryan Routh to Represent Himself in Trump Assassination Attempt Trial

The individual accused of attempting to assassinate President Donald Trump at one…
Live | Day 2: Jacksonville rapper Ksoo's murder trial continues

Live Updates: Jacksonville Rapper Ksoo Faces Second Day of Murder Trial Proceedings

The court is set to listen to testimony from various witnesses, including…
US cruise passengers nabbed after allegedly possessing lethal drug powerful enough to sedate elephants

U.S. Cruise Travelers Arrested for Alleged Possession of Extremely Potent Drug

Four U.S. cruise ship passengers were arrested in Bermuda after they were…
Man accused of attempting to assassinate Trump can represent himself at trial, judge says

Judge Allows Man Accused of Trying to Assassinate Trump to Represent Himself at Trial

FORT PIERCE, Fla. (AP) — A federal judge has ruled that a…