Microsoft Hack Victims Need to be on Alert for Sleeper Cells: A SharePoint Flaw Reveals Risks of On-Premises Servers in Global Cyber War

In May, a Vietnamese cybersecurity researcher made a groundbreaking discovery at an event designed to encourage ethical hacking that makes our technology more robust. Dinh Ho Anh Khoa uncovered a vulnerability in Microsoft's document management software, SharePoint, which has sent shockwaves through the cybersecurity community.

Khoa received $100,000 from Trend Micro, the security group that sponsored the event, as part of the deal. As part of the agreement, flaws discovered in these competitions must be kept under wraps to give affected companies time to assess the threat, work on a fix, test it, and then release it.

Microsoft released its patch for the vulnerability by July 8, a reasonable timeframe given there had been no indication the hack had been used "in the wild" until July 7. However, within days of the purported fix, it became clear that Microsoft engineers had missed something. Sophisticated actors, believed to be working on behalf of China, had found a work-around.

The vulnerability has been used to target hundreds of entities, including government agencies and organizations in various industries. Late last month, the U.S. Nuclear Weapons Safety Agency was reported to be among those affected. The attack enables hackers to gain unrestricted access to a victim's SharePoint system and any valuable data it contains.

Experts have warned that this exploit would allow bad actors to "execute code" on that server, which could lead to serious consequences for the victims.

Microsoft hurriedly updated its patch, releasing it on July 21. Experts are now watching to see whether it holds up against the sophisticated attackers. The incident highlights the risks of using on-premises servers in global cyber warfare and the importance of timely patches and updates.

In a time of both misinformation and too much information, quality journalism is more crucial than ever. By subscribing, you can help us get the story right. With your current subscription plan, you can access premium stories, but before writing your first comment, please create a display name in the Profile section of your subscriber account page.

Your subscription plan doesn't allow commenting on every article. To learn more about our FAQ and planned features, visit our website. Our team has carefully planned and edited this content for you by JT Media Enterprise Division.