Global hacker attack, Microsoft flaw exploited

A global-scale attack on Microsoft software used by US federal agencies, but also by tens of thousands of companies worldwide, threatens millions of documents and data. The cyber-attack began on Saturday, when the tech giant issued an alert warning of 'active attacks' on SharePoint servers. According to experts, the hackers managed to exploit a security flaw in the software, despite the fact that in recent weeks Microsoft had assured that it had resolved a number of problems with the system's penetrability. It is unclear who is behind the attacks and what their ultimate goal is. According to a private research company, the hackers targeted servers in China, a parliament in a US state, and at least two US federal agencies. According to data from Shodan, a search engine that helps identify Internet-connected equipment, more than 8,000 online servers may already have been compromised by hackers. These include major corporations, banks, auditors, healthcare companies, and several US government entities.

The US, Canada and Australia are investigating the server compromise, and the Italian Cybersecurity Agency has assured that Microsoft has released security updates in the last few hours to cover the two Sharepoint system vulnerabilities.

For Pierluigi Paganini, cybersecurity expert and professor of cybersecurity at the Luiss Guido Carli University, 'this is a flaw with a severity score of 9.8 out of 10 and there are all the conditions for a perfect storm: it is necessary for those realities that use systems of this type to apply countermeasures'. At the moment, 'it is not possible to attribute the attack, it is premature', emphasised the expert Paganini on the hypothesis that the attack could be considered a response to the dismantling by Eurojust and Europol of the NoName057 network of pro-Russian hackers.

According to the analysis of Rafe Pilling, director of the British computer security company Sophos, the attack was carried out by a single group of hackers. "Judging by the consistency of the techniques, the cyber attack appears to have been carried out by a single actor. However, it is possible that the situation will change quickly,' he pointed out. The FBI said on Sunday that it was aware of the attacks and was in contact with its federal and private sector partners, but gave no further details.