Login to Continue Learning
In a recent article, ProPublica revealed that internal communication systems showed Microsoft relied on a China-based engineering team for SharePoint support. SharePoint allows organizations to set up internal networks and link their computers. The July breach allowed attackers to gain control of SharePoint’s servers, enabling them to install unauthorized software and backdoors for future access. This affected versions of SharePoint dating back to 2016, with reports suggesting U.S. federal agencies were also compromised.
Microsoft initially responded by identifying other SharePoint vulnerabilities that could pose future threats but were not exploited at the time of discovery. According to today’s report, China-based teams fixed bugs in SharePoint, which users can operate on their own devices (referred to as ‘OnPrem’). While Microsoft did not admit the presence of these Chinese teams in its initial statement, it confirmed to ProPublica that such a team exists and is “supervised by a U.S.-based engineer and subject to all security requirements and manager code review.”
Work is underway to shift this support work to another location. The involvement of China-based engineering teams has been contentious due to concerns about the Chinese government’s requests for cooperation, stemming from a 2017 law that mandates compliance with state requests.
The penetration of the July hack was significant, affecting organizations like the National Nuclear Security Administration (NNSA), which maintains U.S. strategic assets. The Department of Energy, overseeing the NNSA, stated that the impact was “minimal,” with only a small number of systems affected.
