Cyberattacks have targeted Microsoft SharePoint software used by American government agencies. The computer giant has issued a security alert to explain to its customers the process to follow. For its part, the FBI follows this file very closely.
Published on Saturday, Microsoft’s alert announced that security flaws have been discovered in SharePoint having given rise to “active attacks”, recommending security updates that customers should apply immediately.
According to the Washington Post, which reported the cyber attacks, unidentified actors have exploited a flaw in recent days and targeted from American and international agencies and businesses.
Attacks affect servers software used by government agencies and businesses to share documents within organizations. However, according to Microsoft, flaws only concern SharePoint servers used within organizations, while SharePoint Online in Microsoft 365, hosted in the cloud, would not be concerned.
The FBI told the American press on Sunday to be aware of incidents and that it worked closely with federal and private partners to counter the threat.
“We have worked closely with the CISA, the DOD Cyber Defense Command and the main cybersecurity partners worldwide throughout our response,” said a Microsoft spokesman quoted by Reuters.
It is indicated that this type of attack is the quality of “Zero Day” since it exploits a vulnerability hitherto unknown. This type of attack is done by “identity theft” of a network, which allows in particular to manipulate the financial markets or the agencies, while being able to pretend to be a person, an organization or a website of trust.
