China-backed hackers breach key American nuclear agency

Chinese state-sponsored hackers have exploited vulnerabilities in Microsoft software to breach sensitive systems around the world, including those of the U.S. government agency that oversees nuclear weapons, Bloomberg News reported Tuesday.

Microsoft alerted customers on Tuesday that groups believed to be backed by the Chinese government  — Linen Typhoon, Violet Typhoon and Storm-2603 — targeted flaws in its SharePoint document sharing software, allowing the hacking groups to access internal files and systems. While Microsoft has patched the security gaps, researchers have already confirmed that more than 100 servers tied to approximately 60 organizations have been infiltrated, including the U.S. National Nuclear Security Administration (NNSA), according to Bloomberg News.

The NNSA, a semi-autonomous agency under the Department of Energy (DOE), is responsible for managing the nation’s nuclear arsenal, supplying nuclear reactors for the U.S. naval fleet and responding to nuclear terrorism and nuclear proliferation.

A source familiar with the breach told Bloomberg News that multiple systems at the DOE were compromised, but no classified or sensitive data is known to have been stolen. DOE did not respond to the Daily Caller News Foundation’s request for comment.

Other government entities known to have been impacted by the breach include the U.S. Department of Education, Florida’s Department of Revenue and the Rhode Island General Assembly. In total, as many as 10,000 organizations worldwide could be at risk, Silas Cutler, a researcher at the Michigan-based cybersecurity firm Censys, told Bloomberg News.

​​“It’s a dream for ransomware operators, and a lot of attackers are going to be working this weekend as well,” Cutler told Bloomberg News.

While Chinese officials have dismissed allegations of government involvement as “smears,” a February 2024 report from the Office of the Director of National Intelligence identified China as America’s top cybersecurity adversary, posing a threat to both government and private sector entities. Notably, in 2023, Chinese hackers compromised the emails of the U.S Commerce and State Departments, including those of the U.S. ambassador to China.

In addition to infiltrating telecommunications and government systems, Chinese cybercriminals also have the capacity to shut down large segments of the power grid and major American ports, then-National Security Adviser Jake Sullivan reportedly told former President Joe Biden in 2023, according to The Wall Street Journal.

For over a decade, Microsoft had been funneling work through American “digital escorts” — low-pay workers with security clearances but often possessing limited technical expertise — who input commands from more skilled China-based engineers into U.S. Department of Defense networks, a recent ProPublica investigation found. Microsoft announced on July 18 that it would halt the practice after national security and cybersecurity experts raised concerns that these engineers could gain access to sensitive government data.

Latest posts by Melissa ORourke (see all)

We have no tolerance for comments containing violence, racism, profanity, vulgarity, doxing, or discourteous behavior. Thank you for partnering with us to maintain fruitful conversation.