The cybersecurity firm Eye Security from the Netherlands reports that 400 organizations have been targeted by a large-scale cyber-espionage campaign through unsecured Microsoft SharePoint servers. The breach has expanded four times larger than previous assessments which demonstrates its increasing scale.
The attackers exploited a SharePoint software flaw which Microsoft tried to fix but failed to completely resolve. The suspected Chinese state-linked hackers exploited the vulnerability before security teams could take action. Beijing has denied any involvement.
The actual number of victims might exceed Eye Security’s count because their assessment relies on server scan forensic evidence but they acknowledge additional victims exist beyond detectable artifacts. Vaisha Bernard from the firm stated that ”There are many more, because not all attack vectors have left artifacts we could scan for.”
The affected organizations remain unidentified since Microsoft has not released any information about them. The company faces increasing criticism about its security vulnerability management following multiple major breaches during the past years.
The attack increases worries about worldwide cybersecurity weaknesses particularly affecting enterprise software systems. Security professionals advise organizations to conduct system audits and apply immediate patches yet they caution that some networks might have suffered permanent damage.
