Microsoft SharePoint Hack Hits 100 Organizations

The affected organizations include government entities, primarily located in the United States and Germany. Rafe Pilling, director of threat intelligence at Sophos, noted that "it's possible that this will quickly change," suggesting the attack's scope may expand.

0
41

A widespread cyber espionage operation targeting Microsoft server software has compromised approximately 100 organizations worldwide, with security firms Eye Security and Shadowserver Foundation uncovering the cyberattack’s extent. The hack exploits a previously undisclosed digital weakness in self-hosted SharePoint servers, allowing spies to penetrate vulnerable servers and potentially drop a backdoor for continuous access.

According to Vaisha Bernard, chief hacker at Eye Security, “It’s unambiguous. Who knows what other adversaries have done since to place other backdoors.” The affected organizations include government entities, primarily located in the United States and Germany. Rafe Pilling, director of threat intelligence at Sophos, noted that “it’s possible that this will quickly change,” suggesting the attack’s scope may expand.

The vulnerability, known as a zero-day exploit, enables hackers to gain remote access to SharePoint servers without requiring login credentials. This has raised concerns about the security of enterprise software widely used by public and private sectors. Microsoft has released security updates and encourages customers to install them, but experts warn that applying patches may not be sufficient to prevent further breaches.

Daniel Card of British cybersecurity consultancy PwnDefend emphasized the need for a comprehensive approach, stating, “The SharePoint incident appears to have created a broad level of compromise across a range of servers globally. Taking an assumed breach approach is wise, and it’s also important to understand that just applying the patch isn’t all that is required here.”

With over 8,000 servers online potentially compromised, the attack highlights the importance of robust cybersecurity measures. Microsoft’s stock remains relatively stable, with a 0.06% increase, despite the news. The FBI and Britain’s National Cyber Security Centre are investigating the attacks, but the identity of the hackers remains unknown.

The breach highlights the critical importance of robust cybersecurity measures, especially for organizations using Microsoft SharePoint for sensitive data storage and collaboration. As investigations into the attack continue, experts warn that similar vulnerabilities could be exploited in the future, emphasizing the need for prompt patching and enhanced security protocols.

Leave a Reply