Global Hackers Exploit Microsoft SharePoint Flaw, Breach US Government and Energy Firms

Zero-Day Attack Hits State Agencies, Universities, and Critical Infrastructure Worldwide

A sweeping cyberattack has struck Microsoft’s widely deployed SharePoint servers, compromising U.S. federal and state government systems, major universities, and key energy companies — all through a previously unknown vulnerability that Microsoft has yet to patch, officials and researchers confirmed Sunday.

The attack, described as a “zero-day” exploit, leverages a critical flaw in on-premise SharePoint software — a platform used by thousands of organizations globally for document sharing and collaboration. Cybersecurity agencies in the U.S., Canada, Australia, and New Zealand are racing to contain the threat, while Microsoft remains under fire for failing to issue an immediate fix.

Global Targets, No Patch in Sight

The breach is global in scale, according to researchers and U.S. officials familiar with the investigation.

Government entities from Washington to Canberra, research universities, and a major telecommunications firm in Asia are among the confirmed victims. Energy companies — already on edge due to recent cyber incidents — are also believed to have been affected, though details remain classified.

Microsoft’s SharePoint servers are used by tens of thousands of institutions. The flaw — undisclosed until this weekend — allows hackers to gain access to internal systems without user credentials. No patch has been released yet, and Microsoft has only issued an advisory recommending mitigation steps.

New Zealand Joins Warnings as Alert Goes Out

In Wellington, the GCSB’s National Cyber Security Centre (NCSC) issued a rare and urgent advisory late Sunday night.

It warned of two critical vulnerabilities affecting on-premise SharePoint servers and urged all New Zealand organizations using the platform to review Microsoft’s advisory and apply available mitigations immediately.

Here’s what they urged organizations to do:

  • Review Microsoft’s SharePoint advisory in full

  • Apply all current mitigations and updates available

  • Isolate vulnerable servers if possible

  • Enable enhanced monitoring for suspicious access

The agency stopped short of naming affected New Zealand entities but confirmed “multiple organizations have been put at significant risk.”

A Microsoft NZ spokesperson said their local team was working closely with affected customers and pointed back to the advisory — no word yet on when a permanent patch will land.

Microsoft Under Pressure Again

This isn’t the first time Microsoft has faced heat over cybersecurity lapses — not by a long shot.

Just last year, the company was sharply criticized by a U.S. government-appointed panel for failing to detect a 2023 Chinese cyber-espionage campaign that compromised high-level U.S. government emails, including those of then-Commerce Secretary Gina Raimondo.

The panel described Microsoft’s security protocols as “inadequate for a company of its size and critical importance.”

One cyber analyst put it more bluntly Sunday: “Microsoft’s security gaps are turning into national vulnerabilities.”

And this time, it’s not a boutique or obscure system at fault. It’s SharePoint — the bread and butter of internal documentation for everything from small colleges to nuclear regulators.

Unconfirmed Damage, Widespread Fear

So far, few details have emerged about exactly what data has been compromised.

Some state agencies in the U.S. have reportedly shut down internal document sharing systems as a precaution. Several universities in Europe and the U.S. have alerted faculty and staff to “limit use of SharePoint until further notice,” per internal emails reviewed by The Washington Post.

According to one researcher familiar with the attack, the compromise method used does not trigger immediate detection logs — allowing hackers to “sit silently for days” before discovery.

Because that’s how long it takes to steal a month’s worth of emails.

Cybersecurity firm Mandiant, which is assisting multiple clients in the U.S. and Asia, said in a statement that the attackers “appear to be highly sophisticated, possibly state-aligned, and interested in information theft rather than destruction.”

How Bad Could This Get?

This may just be the tip of the iceberg.

Experts warn that the number of compromised entities could grow sharply in the next few days as more forensic work is completed. Many SharePoint servers are self-hosted by institutions that lack full-time IT staff or cyber response capabilities — making them particularly vulnerable.

One former NSA official described the SharePoint flaw as “a backdoor into the global admin closet.”

And the longer the delay in patching the flaw, the more servers remain exposed.
