Chinese Hackers Breach Over 100 Organizations via SharePoint
Synopsis
Massive Cyberattack on Over 100 Organizations Globally Over 100 organizations globally have been hit by a targeted cyberattack that took advantage of a critical vulnerability in Microsoft's SharePoint servers. Microsoft had acknowledged the breach…
Massive Cyberattack on Over 100 Organizations Globally
Over 100 organizations globally have been hit by a targeted cyberattack that took advantage of a critical vulnerability in Microsoft's SharePoint servers. Microsoft had acknowledged the breach on Tuesday, identifying several Chinese-affiliated hacker groups behind the attack, which has impacted companies, universities, and government agencies in nations such as the United States and Germany.
The intrusion allegedly started as early as July 7, with cybersecurity professionals noting that the attackers possibly had weeks of unmonitored access to critical systems. Microsoft named the groups as Linen Typhoon, Violet Typhoon, and Storm-2603 — all which have previously been involved in cyber espionage operations attributed to China.
Flaw Was Known for Months, But the Patch Didn't Hold
The SharePoint bug was initially found in May at a Berlin hacking competition, where a researcher was rewarded $100,000 to report the bug. Yet, even after Microsoft released a patch in July, security companies claim it wasn't sufficient. Hackers discovered means to circumvent the patch and continued to exploit the vulnerability.
Security firm Sophos said the bug was exploited to steal cryptographic keys and obtain permanent access even after patches had been rolled out. The attack spiked on July 18 and 19, infecting key industries such as telecommunications, software, and government.
The US Cybersecurity and Infrastructure Security Agency has subsequently included the SharePoint vulnerability in its catalog of known exploited vulnerabilities, instructing federal agencies to immediately patch their systems.
Who's Behind the Attack and What They Want
Among the actors involved, Linen Typhoon is most famous for attacking government and defense organizations to steal intellectual property. Violet Typhoon was seen spying on NGOs and retired military personnel in the past. Storm-2603 is less well-known but has used ransomware tools in the past.
Experts believe these attackers could remain undetected in systems for months before deploying additional defenses. A former FBI official, Cynthia Kaiser, warned that "The real threat may just be beginning." Microsoft has now issued more detailed security updates and is cooperating with affected groups to limit the damage.
Stay informed. Stay inspired. Subscribe to Inspirepreneur Magazine’s Newsletter for the latest developments on global conflicts, leadership insights, and strategic innovations shaping tomorrow’s world.
At Inspirepreneurs Magazine, covering entrepreneurship, business failures, and the human stories behind the world's most ambitious founders. She writes at the intersection of strategy and storytelling.
You Might Also Like
The Power of Persuasion: Elevating Your Career Through Effective Communication
Alan Joyce: An Unconventional Approach to Aviation Leadership