Microsoft (MSFT, Financial) has issued a warning about state-sponsored Chinese hackers exploiting vulnerabilities in its SharePoint document management software. These cyberattacks target government agencies and businesses worldwide, raising significant concerns in the cybersecurity community and highlighting the challenges Microsoft faces in safeguarding its products.
On Tuesday, Microsoft disclosed that hacker groups affiliated with the Chinese government, named "Linen Typhoon," "Violet Typhoon," and "Storm-2603," have been exploiting SharePoint vulnerabilities. The primary targets are self-managed (non-cloud) SharePoint server customers. Microsoft's investigation is ongoing to determine if other attackers are leveraging these exploits.
Reports indicate that the hackers have compromised government systems across Europe and the Middle East, including the US Department of Education and Florida's tax agency. With over 100 servers and 60 organizations affected globally, industries such as energy, consulting, and academia in countries like Saudi Arabia, Vietnam, Oman, and the UAE have been impacted.
Microsoft has released patches to address some vulnerabilities and pledged ongoing protective measures. However, cybersecurity experts warn that the integration of SharePoint with Microsoft Office, Teams, OneDrive, and Outlook makes it an attractive target for attackers. The escalating cybersecurity tension between the US, China, and their allies brings focus on Microsoft's security strategies.
