Microsoft has issued an alert about “active attacks” on server software used to share documents within organisations.
Th tech giants are recommending security updates for SharePoint users.
In the US, the FBI has said it is aware of attacks and is working closely with its federal and private sector partners.
Microsoft say the vulnerabilities apply only to SharePoint servers used within organisations. It said SharePoint Online in Microsoft 365, which is in the cloud, was not hit by the attacks.
The Washington Post, which first reported the hacks, said unidentified actors in the past few days had exploited a flaw to launch an attack that targeted US and international agencies and businesses.
The hack is known as a “zero day” attack because it targeted a previously unknown vulnerability, the newspaper said, quoting experts. Tens of thousands of servers were at risk.
Microsoft accused ccused Chinese state-sponsored hackers of using flaws in its SharePoint document management software in a hacking campaign that has targeted businesses and government agencies around the world.
They have identified two groups supported by the Chinese government, Linen Typhoon and Violet Typhoon, warning “Investigations into other actors also using these exploits is still ongoing, With the rapid adoption of these exploits, Microsoft assesses with high confidence that threat actors will continue to integrate them into their attacks.”.
The Chinese Embassy in the US said it was firmly opposed to all cyber attacks and cyber crime. In a statement, an Embassy spokesperson added: “At the same time, we also firmly oppose smearing others without solid evidence.
“We hope that relevant parties will adopt a professional and responsible attitude when characterizing cyber incidents, basing their conclusions on sufficient evidence rather than unfounded speculation and accusations.”
If you are worried about cyber crime, please contact UK Business IT for information.
