Microsoft Warns Of Attacks On Sharepoint Server Systems

Photo: AFP

Microsoft, one of the biggest technology companies in the world, has issued an urgent warning. It said that some hackers are carrying out “active attacks” on special computer programs called server applications. These server applications are used by government offices and private companies to share their important internal documents securely.

Which Application Is Affected?

The attacks are aimed at Microsoft SharePoint servers. SharePoint is a software that helps people in an organisation to store, organise, and share information safely within their office network. Many schools, hospitals, companies, and government departments use SharePoint to manage their files.

Stay informed with the latest news. Follow DXB News Network on WhatsApp Channel 

What Did Microsoft Say?

On Saturday, Microsoft released an alert. In that alert, it clearly said that:

• These attacks are only affecting on-premises SharePoint servers.
  (On-premises means servers that organisations manage and keep themselves inside their office buildings or data centres.)

• SharePoint Online, which is the cloud-based version included in Microsoft 365, is not affected by these attacks.
  (Cloud-based means it is managed by Microsoft on the internet instead of being kept physically in the office.)

How Serious Is This Attack?

According to The Washington Post, the hackers used a software flaw to attack not just companies in the United States but also government agencies and organisations around the world. Experts have called this a “zero-day” attack.

What Is A Zero-Day Attack?

A zero-day attack is very dangerous because it uses a security problem in a computer system that:

• Has not been discovered before.

• Has no existing solution or fix at the time it is attacked.

Because nobody knew about this flaw earlier, the attackers could take advantage of it secretly. This puts tens of thousands of servers at risk of being controlled, spied upon, or used for harmful purposes without the owner’s knowledge.

What Did The FBI Say?

On Sunday, the Federal Bureau of Investigation (FBI) confirmed that it was aware of these dangerous attacks. The FBI said it was working closely with federal agencies and private companies to understand the attack and reduce its impact. However, the FBI did not share further details about how many organisations were affected or who might be behind these attacks.

How Does This Attack Work?

In its alert, Microsoft explained that the vulnerability allows an attacker to carry out something called spoofing over a network.

What Is Spoofing?

Spoofing is when:

• A hacker hides their real identity and pretends to be someone else.

• They can act like a trusted person, organisation, or website.

• This is done to fool others into believing they are genuine.

Through spoofing, hackers can enter systems without raising alarms. They can steal sensitive information, change important files, or carry out harmful activities without being noticed quickly.

What Has Microsoft Done?

Microsoft said it has:

• Released a security patch for the SharePoint Subscription Edition to fix this problem.
  (A patch is a small software update that repairs flaws and protects the system from attacks.)

• Asked all customers using SharePoint Subscription Edition to install the patch immediately.

What About Other SharePoint Versions?

Microsoft also said it is working on security patches for older versions of SharePoint, like:

• SharePoint 2016

• SharePoint 2019

However, these patches are not yet ready. Until these updates become available, Microsoft has advised all customers using these older versions to:

• Turn on the recommended malware protection if possible.

• If malware protection cannot be activated, take the servers offline temporarily to stop attackers from entering and causing damage.

Why Is It Important To Install The Patch Quickly?

Installing the patch immediately is necessary because:

• The longer the servers remain unprotected, the more chances hackers have to break in.

• If hackers get access, they can read, steal, delete, or change the data stored in these servers.

• For government agencies, this could mean loss of national security data.

• For companies, this could lead to financial losses, data leaks, and damage to reputation.

What Should Organisations Do Now?

Microsoft has shared guidance to prevent further attacks. Organisations should:

1. Check if their servers are using SharePoint Subscription Edition.

2. If yes, immediately install the security patch released by Microsoft.

3. If they are using SharePoint 2016 or 2019, wait for the security patch but remain alert.

4. If they cannot turn on the recommended malware protection, they must consider taking the servers offline until the fix arrives.

Did Microsoft Respond To The Media?

When The Washington Post and other media agencies contacted Microsoft for further comments, the company did not provide any immediate response apart from the public alert it released.

Why Is This News Important For Everyone?

Even though this news talks about attacks on government and company servers, it affects everyone because:

• If government data is stolen, it can affect national security and public safety.

• If companies lose their data, it can impact jobs, services, and customer information.

• Hackers can also use stolen data to plan other attacks on people or spread wrong information.

Stay Safe And Updated

In today’s world, where everything is connected to technology, such attacks show why cybersecurity is important. Everyone must:

• Use strong passwords.

• Keep their software updated.

• Be careful about suspicious emails or websites.

For organisations using Microsoft SharePoint, following Microsoft’s instructions quickly is the best way to stay safe from these active and dangerous attacks.