A critical failure in SharePoint servers exposed key agencies, universities, and companies around the world
Compartir:
Hackers took advantage of a critical flaw in Microsoft SharePoint servers to launch a global cyberattack that affects government agencies, universities, and strategic companies.
The United States, together with Canada and Australia, is already investigating the incident. Microsoft still hasn't released a patch for the vulnerability.
Piratas informáticos aprovecharon una falla crítica en servidores SharePoint de Microsoft
What kind of attack did Microsoft's servers suffer?
This is a zero-day attack, which exploits a previously unknown flaw in SharePoint systems. This platform is used to share and manage documents within organizations.
The hackers managed to access internal servers, not those operating in the cloud like Microsoft 365. The victims are trying to mitigate the damage without an official solution.
Who was affected by the hack?
The targets include U.S. federal and state agencies, universities, energy companies, and an Asian telecommunications company. There were also incidents in Europe and China.
Hackers pro-Israel robaron criptomonedas en Irán.
According to the firm Eye Security, more than 50 breaches have already been recorded, including a major energy company and several public institutions.
What do experts say about the threat?
Adam Meyers, from CrowdStrike, was blunt: "Anyone who has a hosted SharePoint server has a problem." The severity increases because the strikers obtained access keys that could allow them to re-enter even if the system is updated.
Microsoft fue una de las plataformas afectadas
The firm Palo Alto Networks warned that they have already detected attempts to exploit thousands of servers before a patch is released.
How did Microsoft respond to the incident?
The company sent an alert to its customers, recommending modifying SharePoint's configuration or disconnecting them from the internet. But so far, it hasn't issued public statements or definitive solutions.
The FBI, meanwhile, confirmed that it is working with government agencies and companies to contain the situation.
Hasta ahora, Microsoft no emitió declaraciones públicas ni soluciones definitivas
Why is this attack so concerning?
Some experts fear that, by having access to linked services such as Outlook or Teams, the hackers could steal sensitive information and obtain passwords.
In addition, the compromised documents include public repositories intended to inform citizens, which leads to consequences for government transparency.
