Foreign agents were able to penetrate the systems of the U.S. agency responsible for maintaining and designing nuclear weapons.
The National Nuclear Security Administration, which operates under the United States Department of Energy, was compromised along with other sectors of the department.
According to Bloomberg, while the NNSA is semiautonomous, it still holds the responsibility of producing and dismantling nuclear arms in the United States. This makes the intrusion even more concerning when considering the origins of those who penetrated the system.
‘Microsoft is aware of active attacks targeting on-premises SharePoint Server customers.’
The Energy Department revealed in an email to Bloomberg that an “exploitation of a Microsoft SharePoint zero-day vulnerability began affecting the Department of Energy” on Friday, July 18.
The email continued, “The department was minimally impacted due to its widespread use of the Microsoft M365 cloud and very capable cybersecurity systems. A very small number of systems were impacted. All impacted systems are being restored.”
While the government entity did not expose information about the source of the intrusion, Microsoft revealed on its own blog that it has identified multiple hostiles working on behalf of a foreign entity.
RELATED: Microsoft ‘escort’ program gave China keys to Pentagon
Missile launch station in Cold War-era underground bunker, Minuteman Missile National Historic Site, South Dakota. Photo by: Education Images/Universal Images Group via Getty Images
In a blog post published Tuesday, Microsoft explained that vulnerabilities in their SharePoint servers have been targeted by three “Chinese nation-state actors.”
“Linen Typhoon and Violet Typhoon” were the first two Chinese groups identified by Microsoft, the blog explained. Microsoft then said, “In addition, we have observed another China-based threat actor, tracked as Storm-2603, exploiting these vulnerabilities.”
Microsoft noted in a separate blog post that “on-premises” customers have been under attack as a result of the hack as well.
“Microsoft is aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security Update,” the company wrote.
Although an anonymous source told Bloomberg that no sensitive or classified information was known to have been compromised in the attack, the outlet also reported that the breach was only possible due to a 2020 hack on software manufactured by IT company SolarWinds. That attack swept up a trove of Department of Justice email credentials.
This means that foreign agents have been working against the United States, using the same compromised data for nearly five years.
RELATED: DOJ email accounts compromised in SolarWinds hack attributed to Russians
First thermonuclear test on October 31, 1952. Photograph on display in the Bradbury Science Museum, photo copied by Joe Raedle
The 2020 hack saw the DOJ attribute the malicious intrusions to Russia, with about 3% of its Microsoft Office 365 email accounts potentially compromised.
At the time, the Office of the Director of National Intelligence, the National Security Agency, and the Cybersecurity and Infrastructure Security Agency released a joint statement saying the work “indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks.”
Microsoft has advised users to download the latest security updates for the affected programs, as hackers have stolen sign-in credentials, usernames, passwords, codes, and tokens as part of previous attacks, according to Bloomberg.
Blaze News reached out to the Department of Defense regarding any possible exploitations they may be concerned about but did not receive a reply.
Like Blaze News? Bypass the censors, sign up for our newsletters, and get stories like this direct to your inbox. Sign up here!
Read the full article here
