00:00Software giant Microsoft is at the center of a cybersecurity storm after China-linked hackers
00:11exploited flaws in SharePoint servers to target hundreds of organizations. While such cyber
00:18attacks are not new, the scale of the onslaught and the speed with which the hackers took advantage
00:24of freshly discovered vulnerabilities is fueling concern. That startup iSecurity warned on 19th
00:31of July of online attacks targeting SharePoint file sharing servers, with Microsoft quick to
00:36confirm the report and release patches to protect systems. According to Microsoft, the vulnerability
00:43allowed the hackers to retrieve credentials and then access SharePoint servers kept at users'
00:49facilities. But the company said that the cloud-based SharePoint software was safe from the problem.
01:01iSecurity determined that more than 400 computer systems were compromised by hackers
01:07during waves of attacks. Media reports indicated that the targets included government organizations in
01:13Europe, the Middle East and the US, among them the US Nuclear Weapons Agency. Cybersecurity
01:19firm Palo Alto Networks warned in a note. On-premises, SharePoint deployments, particularly
01:25within government, schools, healthcare and large enterprise companies, are at immediate risk.
01:31Microsoft has not disclosed the number of victims in the attack. SharePoint had more than 200 million
01:37active users as of 2020, according to the most recent figures available from Microsoft.
01:43Microsoft has attributed the cyber attacks to groups backed by China. The culprits are believed to include
01:55Chinese state actors known as Linen Typhoon and Violet Typhoon, along with a group called Storm 2603,
02:04which is considered with moderate confidence to be a threat actor based in China. The typhoon groups have
02:10been active for a decade or more and are known for intellectual property theft as well as espionage,
02:16according to Microsoft. Less was known about Storm 2603 and its motives. Microsoft said investigations
02:24into other actors also using these exploits are ongoing. The company urged users to patch SharePoint
02:31servers to avoid becoming hacking victims. According to cybersecurity specialist Damien Benkal,
02:41the assault on SharePoint servers is the latest in a series of sophisticated attacks
02:46carried out by state-sponsored groups against the Microsoft ecosystem. In 2021, attacks by a Chinese
02:53hacker group known as cell typhoon compromised tens of thousands of email servers using Microsoft
03:00Exchange software. Microsoft's success at making its software commonplace in offices and homes also make
03:07it a prime target for hackers out to steal money or information. Microsoft software can hold sensitive
03:14and valuable information. Shane Barney, head of information security at US-based Keeper Security,
03:20said it is not Microsoft that is being targeted, it is its customers. Head of Orange Cyber Defence
03:26Computer Emergency Response Team Roderick Lebeo said, targeting Microsoft programs is a means to an end
03:33and tomorrow it could be a software from another company. According to him, China is not the only nation
03:43backing hacker operations as countries around the world hone cyber capabilities. Nevertheless, China is
03:50repeatedly singled out by companies and governments hit by hacks. Western countries have accused hacker
03:56groups allegedly supported by China of conducting a global cyber espionage campaign against figures
04:02critical of Beijing, democratic institutions and companies in various sensitive sectors.
Comments