Chinese state-sponsored hacking groups leveraged previously unknown security flaws to breach government systems worldwide, including critical US defense infrastructure, though officials maintain that no classified nuclear information was accessed during the intrusion.
The cyberattack began on Friday, July 18th, when hackers exploited a zero-day vulnerability in Microsoft SharePoint software, affecting the Department of Energy and its semiautonomous National Nuclear Security Administration.
Microsoft has attributed the attack to Chinese state-sponsored groups, specifically identifying Linen Typhoon, Violet Typhoon, and Storm-2603 as the primary threat actors responsible for leveraging the SharePoint vulnerabilities.
The attack methodology involved stealing critical authentication credentials, including usernames, passwords, hash codes, and security tokens, enabling unauthorized access to government systems.
The vulnerability specifically affected SharePoint customers managing the software on their own networks rather than cloud-based implementations, highlighting the security risks associated with on-premises infrastructure management.
Energy Department officials confirmed that the impact was minimized due to their widespread adoption of Microsoft M365 cloud services and robust cybersecurity systems, with only a small number of systems being compromised.
All affected systems are currently undergoing restoration procedures to ensure complete security remediation and prevent future unauthorized access attempts.
The SharePoint exploitation campaign extended far beyond the Energy Department, compromising systems belonging to national governments across Europe and the Middle East, the US Education Department, Florida’s Department of Revenue, and the Rhode Island General Assembly.
This coordinated attack demonstrates the sophisticated nature of the threat actors and their ability to simultaneously target multiple high-value government and organizational targets using the same technical vulnerabilities.
The National Nuclear Security Administration’s broad mission encompasses providing nuclear reactors for Navy submarines, responding to radiological emergencies, supporting counterterrorism efforts, and safely transporting nuclear weapons throughout the country.
This extensive operational scope makes the agency a particularly attractive target for foreign intelligence services seeking to gather strategic information about US nuclear capabilities and infrastructure.
While no sensitive or classified information was reportedly compromised, cybersecurity experts warn that even access to business systems poses significant security risks.
Edwin Lyman, director of nuclear power safety for the Union of Concerned Scientists, emphasized that attackers could exploit personnel information obtained from business networks for social engineering purposes, potentially facilitating more damaging future attacks.
This incident recalls the 2020 SolarWinds attack, which previously breached the NNSA, demonstrating the persistent targeting of critical nuclear infrastructure by sophisticated threat actors.
The classified networks containing the most sensitive nuclear information remain isolated from internet connectivity, providing an additional security layer against external intrusion attempts.
The post Hackers Breach US Nuclear Weapons Systems Using SharePoint 0-Day Vulnerability appeared first on Cyber Security News.