科技巨頭稱微軟伺服器遭中國駭客攻擊

Microsoft, one of the world’s largest technology companies, has revealed that some of its SharePoint servers were hacked by groups believed to be based in China. These hackers, identified as Linen Typhoon, Violet Typhoon, and Storm-2603, managed to exploit weaknesses in the on-premises versions of SharePoint, which are servers that companies keep and manage themselves, rather than the cloud-based version that Microsoft also offers. According to Microsoft, these groups are either backed by the Chinese government or operate from within China. The hackers targeted the data of businesses using these servers, and Microsoft responded by releasing security updates to fix the vulnerabilities. The company strongly advised all customers who use on-premises SharePoint servers to install these updates immediately to protect their data.

The Chinese government has denied any involvement in the attacks. A spokesperson from the Chinese embassy in the United States stated that China opposes all forms of cyber attacks and cyber crime, and also opposes making accusations without solid evidence. Despite these denials, Microsoft said it has high confidence that the hackers will continue to target systems that have not been updated with the latest security patches. The company is still investigating the situation and has promised to provide more information as it learns more.

Security experts from Mandiant Consulting, a division of Google Cloud, told the BBC that they are aware of several victims across different industries and countries. The main targets appear to be governments and businesses that use SharePoint on their own sites. The hackers were able to steal encrypted information and then use it to keep accessing the victims’ data. The attacks were widespread and happened quickly, before Microsoft could release a fix. This made the situation especially serious. Linen Typhoon has reportedly been stealing intellectual property for 13 years, mainly from organizations related to government, defense, and human rights. Violet Typhoon has focused on espionage, targeting former government and military staff, non-governmental organizations, think tanks, universities, the media, banks, and hospitals in the US, Europe, and East Asia. Storm-2603 is also believed to be a China-based group. Microsoft and other security experts are working hard to protect customers and prevent future attacks, but they warn that the threat is not over yet.