US government agencies are under attack in widespread Microsoft hack
Tens of thousands of servers hosting the software, which is used for sharing and managing documents, could potentially be at risk as a result of the 'zero day' cyberattack, according to The Washington Post.
By obtaining access to internal servers, the hackers may have been able to steal sensitive data from connected Outlook and Teams accounts, including passwords, as well as cryptographic keys to allow them back in. Cloud-based services are not thought to have been compromised.
Microsoft has already issued one patch to address the vulnerability but, at the time of writing, two more versions of SharePoint were still awaiting custom patches of their own.
The two U.S. agencies affected could not be named by researchers because of confidentiality agreements, according to the Post, but the FBI has said it is aware of the matter and is investigating.
'We are working closely with our federal government and private sector partners,' the bureau said.
It is not yet clear who is behind the attack, although the Post reports that a state legislature in the eastern United States was targeted, as were institutions in China. A local government agency in Spain and a university in Brazil were also hit.
An official with the aforementioned eastern state said the attackers had 'hijacked' a repository of documents made available to residents to help them understand the workings of government, leaving the agency currently unable to access the material in question, which may or may not have been deleted by the raiders.
'We will need to make these documents available again in a different repository,' they pledged.
According to Marci McCarthy, spokesperson for the Department of Homeland Security 's Cybersecurity and Infrastructure Security Agency (CISA), the hack came after Microsoft fixed a security flaw in SharePoint earlier this month, which inadvertently alerted the hackers that they might be able to exploit a similar vulnerability.
McCarthy said CISA was alerted to the hack by a cyber research firm on Friday and immediately flagged it to Microsoft.
She denied that her agency was 'asleep at the wheel' without a permanent director in charge, as nominee Sean Plankey continues to serve in an acting capacity only as he awaits confirmation by the Senate.
Microsoft is a major tech vendor to governments around the world but is not immune to targeting by cybercriminals.
The corporation announced on Friday that it would stop employing China-based engineers to work on Defense Department cloud computing contracts after Defense Secretary Pete Hegseth ordered a review of its infrastructure amid global espionage concerns.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Independent
11 hours ago
- The Independent
Why Tesla shares fell as Musk issues warning
Tesla shares fell after CEO Elon Musk warned of The electric vehicle maker reported a 12 per cent drop in revenue and a 16 per cent fall in profit, facing increased competition and the impact of Musk's political affiliations. Tesla's financial challenges include the loss of a $7,500 EV tax credit, reduced income from regulatory credits, and hundreds of millions in costs due to tariffs imposed by Donald Trump. Musk indicated a strategic shift towards self-driving taxis, automated driving software, and robotics, rather than focusing primarily on car sales. The company began rolling out its paid robo-taxi service in Austin, Texas, in June, with plans to expand to other cities soon
Daily Mail
11 hours ago
- Daily Mail
Trump fires back at reports he's trying to destroy Musk's companies
President Donald Trump shot back at reports that he will try to destroy the companies of former best friend Elon Musk, clarifying his intent when it comes to the world's richest man. Trump had previously threatened to take away the billions in government contracts that Musk's various companies hold. The duo had a very public fallout over Trump's one big beautiful bill, which resulted in each man making threats against the other But the president now says he wants Musk to 'thrive.' 'Everyone is stating that I will destroy Elon's companies by taking away some, if not all, of the large scale subsidies he receives from the U.S. Government. This is not so!,' the president wrote on Truth Social. 'I want Elon, and all businesses within our Country, to THRIVE, in fact, THRIVE like never before! The better they do, the better the USA does, and that's good for all of us,' Trump wrote. The clarification came after White House press secretary Karoline Leavitt was asked in her briefing on Wednesday if Trump supports federal agencies contracting with Musk's artificial intelligence company, xAI. 'I don't think so, no,' she replied and then added she would speak to the president about the matter. xAI won a contract for up to $200 million with the Department of Defense, alongside Anthropic, Google and OpenAI, last week. Additionally, this week, xAI unveiled a suite of products for U.S. government customers, which it refers to as Grok for Government. Trump and Musk have had a hot and cold relationship since the Tesla founder left government service in May. After his departure, Musk publicly turned on Trump's signature bill, complaining it would increase the country's debt and undo much of the savings his Department of Government Efficiency had sought. Trump was furious at Musk's public criticism and, at one point, responded: 'The easiest way to save money in our Budget, Billions and Billions of Dollars, is to terminate Elon's Governmental Subsidies and Contracts.' 'We might have to put DOGE on Elon. You know what DOGE is? DOGE is the monster that might have to go back and eat Elon,' Trump added. Musk, for his part, threatened to start a third political party to go after Republican candidates and posted on his X account that the reason the Jeffrey Epstein files hadn't been released because Trump is in them. He later took that post down.
Reuters
11 hours ago
- Reuters
OpenAI prepares to launch GPT-5 in August, The Verge reports
July 24 (Reuters) - Artificial intelligence pioneer OpenAI plans to launch its GPT-5 model as early as August, The Verge reported on Thursday, citing sources familiar with the plans. The new model, which was expected to launch this summer, will be positioned as an AI system that incorporates distinct models and can perform different functions as opposed to just a single AI model. OpenAI did not immediately respond to a Reuters request for comment. The Microsoft-backed (MSFT.O), opens new tab startup's GPT-5 will incorporate its o3 model along with other technologies, CEO Sam Altman had said in February, in a bid to simplify its offerings. The startup ultimately aims to merge the o-series and GPT-series models as it looks to create AI systems that can utilize all available tools and handle a variety of tasks. "While GPT-5 looks likely to debut in early August, OpenAI's planned release dates often shift to respond to development challenges, server capacity issues, or even rival AI model announcements and leaks," according to the report.
