China's nuclear hack to the US... Pirates seized it

Microsoft has warned that state-backed Chinese hackers have exploited vulnerabilities in its SharePoint software to break into institutions worldwide, including the U.S. agency responsible for nuclear weapons design. The tech giant said in a blog post that two groups backed by the Chinese government, Linen Typhoon and Violet Typhoon, exploited flaws in the document-sharing software that made customers running it on their own networks vulnerable rather than the cloud. Another hacking group based in China, which Microsoft has dubbed Storm-2603, also exploited the vulnerabilities, according to the blog. THEY ARE GETTING THERE The number of companies and institutions being breached due to these vulnerabilities is also growing. According to a person with knowledge of the matter who was not authorized to speak publicly, hackers exploited SharePoint vulnerabilities to break into the U.S. National Nuclear Security Administration. Bloomberg also reported on Monday that systems belonging to the U.S. Department of Education, the Florida Department of Revenue and the Ada General Assembly were also compromised. While Microsoft has patched its software in recent days, cybersecurity researchers have so far identified breaches on more than 100 servers representing 60 victims, including organizations in the energy sector, consulting firms and universities. Hackers also used the software to break into the systems of national governments from Europe to the Middle East, according to a person familiar with the matter. Adam Meyers, a senior vice president at CrowdStrike Holdings, said the SharePoint vulnerabilities have been used in attacks by hackers since at least July 7. Meyers said the initial exploits resembled government-sponsored activities and later spread more broadly to include “China-like” hacking. CrowdStrike said its investigation into the campaign is ongoing. Microsoft said on its blog that its investigations into other threat actors using the vulnerabilities are “still ongoing.” The company said it had “high confidence” that the hackers “will continue to integrate these into their attacks.” CHINA DISAGREES The Chinese Embassy in Washington said in a statement that China firmly opposes all forms of cyberattacks and cybercrime. “At the same time, we firmly oppose smearing others without solid evidence. We hope that relevant parties will adopt a professional and responsible attitude when characterizing cyber incidents and base their conclusions on sufficient evidence rather than baseless speculation and accusations,” the embassy said. “NO SENSITIVE INFORMATION COMPROMISED” A person with knowledge of the breach said no sensitive or classified information was compromised in the attack on the National Nuclear Security Administration. That unit, a semi-autonomous branch of the Department of Energy, is responsible for the production and dismantling of nuclear weapons. An Energy Department spokesperson said in an emailed statement that the SharePoint exploit began affecting the agency on July 18, but