Washington – Headquarters of the Ministry of Internal Security, several of its component agencies and the Ministry of Health and Social Services were hacked as part of a wider violation of Microsoft’s SharePoint serviceAccording to several US officials.
Microsoft confirmed that its software was targeted by Chinese players who deployed ransomware on the file sharing and storage platform.
“Microsoft observed two Chinese actors in the Chinese nation state, the typhoon of linen and the purple typhoon exploiting these vulnerabilities targeting the SharePoint Internet servers,” wrote the company in a blog Earlier this week. Guo Jiakun, spokesperson for the Chinese Foreign Ministry, said On Tuesday, he “did not know the details” of the cyber attack and the accusations of Chinese guilt.
Two sources told CBS News that SharePoint was not available Tuesday for several hours for users of the Defense Intelligence Agency.
The National Institutes of Health were also affected by the violation. The NIH conducts biomedical research and studies infectious diseases.
A White House official said that the White House “closely monitored the situation” and that the government “acted very quickly to identify and immediately attenuate this hack”.
“We work with all agencies to correct vulnerabilities and mitigate the impact,” said the official.
DHS spokesperson Tricia McLaughlin said that the cybersecurity and infrastructure security agency had quickly launched a national response coordinated by an initial alert and two cybersecurity updates “when vulnerability was detected last Friday.
“The CISA has worked 24 hours a day with Microsoft, affected agencies and critical infrastructure partners to share exploitable information, apply mitigation efforts, implement protective measures and assess preventive measures to protect future attacks,” said McLaughlin, adding that there is “no proof of data exfiltration to DHS or one of its components at this time”. “”
Microsoft has published a software update To correct the vulnerability.
In April, President Trump dismissed General Timothy Haugh, the head of the National Security Agency and Cyber Command.
contributed to this report.
