Microsoft Warns of Active Cyberattacks Targeting SharePoint Servers
Microsoft is warning organizations and government agencies about active cyberattacks on on-premises SharePoint servers. The technology giant released a high-priority warning over the weekend. Experts describe the threat as a “zero-day” attack, in which hackers take advantage of a previously unknown flaw. Microsoft called on users to apply security updates right away.
SharePoint Servers in Organizations Face Major Threat
The vulnerability affects only SharePoint servers that organizations run internally. SharePoint Online in the Microsoft 365 cloud is not impacted. Microsoft reported that hackers are spoofing the identities of trusted users in order to bypass security controls. This enables them to view confidential data or pose as employees within private or government networks.
FBI Launches Investigation
The FBI confirmed the cyberattacks on Sunday. It stated that agents are working closely with federal agencies and private-sector partners to assess the threat. However, the FBI shared no further information about the hackers or the extent of the damage.
Microsoft explained that the flaw allows attackers to spoof network identities. In spoofing attacks, hackers pretend to be trusted individuals or websites. This tactic can cause serious harm, especially in finance and government sectors, where identity verification is crucial.
Zero-Day Flaw Puts Thousands of Servers at Risk
The Washington Post reports that hackers have already exploited the flaw to gain access to systems in the United States and other countries. Experts predict that tens of thousands of servers may be at risk. Zero-day attacks are especially risky because users have no time to prepare for and respond to them.
Microsoft issued a security update for SharePoint Subscription Edition and encouraged users to apply it immediately. Work on updates for SharePoint 2016 and 2019 continues. In the meantime, Microsoft recommends that customers disconnect exposed servers from the internet if they are unable to enable full malware protection.
Microsoft cautions that delaying the installation of updates may result in theft of data, service disruptions, or spoofed identities gaining access to secure networks. It advises closely monitoring systems, analyzing activity logs, and tightening identity checks to minimize risks.