Microsoft has revealed that several of its SharePoint document software servers have been hacked by groups linked to the Chinese state. These groups have targeted data belonging to businesses and institutions that use the on-premise version of the system, outside of Microsoft’s cloud services.
Exploiting Vulnerabilities in On-Premise SharePoint
According to the tech giant’s statement, the groups, identified as Linen Typhoon, Violet Typhoon, and Storm-2603, exploited known vulnerabilities in locally installed versions of SharePoint. This allowed them to gain access to confidential information from organizations across several sensitive sectors worldwide.
Microsoft has released urgent security updates and is urging all users of on-premise SharePoint servers to install them immediately to prevent further attacks. The company expressed “high confidence” that the hackers will continue to target systems that have not been updated.
Investigations into other potential attacks are ongoing, and Microsoft has pledged to update its official blog with new information as it becomes available.
This incident serves as another alarming signal regarding the increasing risk posed by state-sponsored cyberattacks, particularly from China, against technological infrastructure and sensitive data in key sectors globally.
