Foreign Agents Breach US Nuclear Agency Systems

Agents from abroad managed to access the systems at U.S. agencies that oversee the design and maintenance of nuclear weapons. This includes the National Nuclear Security Agency, operating under the Department of Energy, which has also faced compromise, alongside other departments within the agency.

The NNSA, while semi-automated in its operations, has a significant role in both producing and dismantling nuclear arms in the U.S. This situation raises serious concerns, especially considering who might be behind the infiltration.

“Microsoft is aware of active attacks targeting on-premises SharePoint Server customers,” the company stated.

On July 18, the Energy Division sent out an email to Bloomberg, indicating that they have begun to experience effects from exploiting a recent Microsoft SharePoint Zero Day vulnerability.

They also noted, “While the Microsoft M365 cloud and robust cybersecurity measures are in place, the department experienced minimal impact overall. A small number of systems were affected, and all have since been restored.”

There was no information disclosed about the specific cause of the breach, but Microsoft, in its own blog, mentioned identifying several foreign-backed adversaries involved in the attacks.

In a blog posted on Tuesday, Microsoft explained that vulnerabilities in SharePoint servers were targeted by three Chinese state-sponsored groups. The first two, known as “Linen and Violet Typhoons,” were identified, with another one referred to as Storm-2603 also exploiting these issues.

Furthermore, Microsoft highlighted that on-premises customers are also facing aggressive attacks resulting from this hacking incident.

According to another blog entry from Microsoft, they confirmed their awareness of forces targeting on-premises SharePoint Server customers, leveraging vulnerabilities initially outlined in a July security update.

An anonymous source shared with Bloomberg that it’s still unclear whether classified information was part of the breach, though it’s evident that this breach was made possible due to a 2020 hack involving SolarWinds software. This earlier breach led to the compromise of email credentials throughout the Department of Justice.

This suggests that foreign entities might have been working against U.S. interests using compromised data for almost five years now.

The 2020 hack saw the DOJ attributing malicious activities to Russian actors, likely impacting around 3% of Microsoft Office 365 email accounts.

At that time, officials from the Director of National Intelligence, the National Security Agency, and the Bureau of Cybersecurity and Infrastructure Security jointly stated that it seemed highly probable that Russian involvement might have led to the ongoing cyber threats.

Bloomberg reported that hackers are suggesting users should update to the latest security versions for the affected applications, as names, passwords, and tokens were compromised during the incident.

The Blaze News reached out to the Department of Defense seeking commentary on whether they were concerned about this exploitation but had not received a response at the time.