A critical vulnerability in Microsoft SharePoint has left multiple U.S. government agencies exposed to cyberattacks. One of the agencies affected is the National Nuclear Security Administration (NNSA). Microsoft said the flaw is under “active attack” and described it as a zero-day vulnerability. This means the issue was unknown and unpatched when hackers began to exploit it.
The flaw affects on-premises servers, where agencies host and manage SharePoint software on their own. These servers are often used to share documents inside organizations. Microsoft said that cloud-based versions of SharePoint are not affected. This limits the damage, but many departments still face real risks.
US nuclear agency, NNSA, hit by cyberattack
The NNSA, which manages the U.S. nuclear arsenal and supports Navy reactor systems, was among the targets. The agency also responds to nuclear emergencies. CCTV News confirmed that attackers accessed NNSA systems during this attack wave.
Officials say they have not seen signs that any secret or sensitive data was leaked. Still, the total impact is unclear. The U.S. Cybersecurity and Infrastructure Security Agency and other key groups have not yet shared public updates.
Energy Department confirms limited effect
The U.S. Department of Energy said the attack began on Friday, July 18. A spokesperson explained that only a small number of systems were affected. The agency credited its strong security tools and use of Microsoft’s M365 cloud service for helping to limit the damage. “Only a very small number of systems were affected. All affected systems are being restored,” the spokesperson added.
Not the first breach, and not just in the U.S.
The NNSA was also one of many U.S. agencies hit by the 2020 SolarWinds hack, which involved similar software flaws. At that time, the Energy Department said that the breach was limited to its business systems.
This new SharePoint flaw has affected more than just U.S. systems. Some governments in Europe and the Middle East were also attacked. In the U.S., the Department of Education, Florida’s Department of Revenue, and Rhode Island’s State Legislature were all impacted.
The full scale of the damage is still being assessed. What’s clear, however, is that running SharePoint servers locally creates real security risks, especially when those systems handle vital government work.