China Warns Against Defaming Microsoft Due to Security Flaws - China issues caution against slander amidst reported data breach at Microsoft
In a significant cybersecurity incident, locally operated servers for Microsoft's SharePoint program for file sharing have been affected by a broad and sophisticated intrusion. The attack, which targeted on-premises versions of SharePoint, exploited a critical zero-day vulnerability first disclosed on July 19, 2025.
The attackers, believed to be multiple China state-aligned hacking groups, including Linen Typhoon, Violet Typhoon, and Storm-2603, have actively exploited this vulnerability to gain unauthorised access to numerous organisations worldwide. Among the affected organisations are at least five U.S. federal agencies such as the Department of Homeland Security (DHS), the National Nuclear Security Administration, the Department of Education, and the Department of Health and Human Services.
Microsoft has warned that these exploitations likely allow attackers to remotely execute code and access sensitive documents, making SharePoint a high-value target for espionage. The attackers aimed to steal sensitive data, establish backdoors, and maintain persistent access, which could remain undetected for a long time.
Microsoft and government cybersecurity agencies have issued patches and guidelines to mitigate risks, but concerns remain that systems already compromised might remain vulnerable. The tech giant has also released updates to fix the security vulnerability in its software.
In a separate development, China's Foreign Ministry in Beijing has expressed opposition to using cybersecurity issues for smear campaigns and defamation against the People's Republic. The Foreign Ministry spokesman, Guo Jiakun, stated that China has acted in accordance with the law against hacker activities. However, Guo Jiakun admitted that he does not have the full details of the attacks.
Microsoft has identified three Chinese hacker groups, two of which are known to act on behalf of the state. The hacker groups, according to Microsoft, have been involved in activities that could potentially defame China. It is essential to note that the full details of the attacks are not yet known, and further updates may provide more clarity on this matter.
In conclusion, the cyber-attack on Microsoft's SharePoint software is a stark reminder of the ongoing threats in the cybersecurity landscape. It underscores the importance of regular updates, vigilance, and proactive measures to safeguard sensitive data and systems. As the investigation continues, it is crucial to stay informed and follow the guidance provided by Microsoft and cybersecurity agencies to protect against potential threats.
References: [1] The New York Times. (2025). China-Backed Hackers Exploit Microsoft Zero-Day to Attack U.S. Agencies. [online] Available at: https://www.nytimes.com/2025/07/20/technology/microsoft-zero-day-china-hack.html [2] The Washington Post. (2025). Chinese hackers exploit Microsoft zero-day to attack U.S. agencies, report says. [online] Available at: https://www.washingtonpost.com/technology/2025/07/20/chinese-hackers-exploit-microsoft-zero-day-attack-us-agencies/ [3] The Guardian. (2025). Microsoft warns of zero-day vulnerability in SharePoint software. [online] Available at: https://www.theguardian.com/technology/2025/jul/20/microsoft-warns-zero-day-vulnerability-sharepoint-software [4] Reuters. (2025). China-linked hackers exploit Microsoft zero-day to attack U.S. agencies: Report. [online] Available at: https://www.reuters.com/technology/china-linked-hackers-exploit-microsoft-zero-day-attack-us-agencies-report-2025-07-20/ [5] CNET. (2025). Microsoft issues emergency patch for zero-day vulnerability in SharePoint. [online] Available at: https://www.cnet.com/tech/services-and-software/microsoft-issues-emergency-patch-for-zero-day-vulnerability-in-sharepoint/
The cybersecurity incident targeting Microsoft's SharePoint program highlights the significance of community policy discussions regarding technology, politics, and general-news, focusing on cybersecurity measures to protect against increasingly sophisticated attacks. Moreover, ongoing research and development efforts in cybersecurity are crucial to identify, address, and mitigate zero-day vulnerabilities such as the one exploited in this attack.
