DHS impacted in hack of Microsoft SharePoint products, people familiar say
nextgov.com
The zero-day vulnerability — which was first disclosed late Saturday — has been exploited by several Chinese state-aligned groups, according to Microsoft.
The Department of Homeland Security was affected by a broad intrusion into on-premises versions of Microsoft SharePoint, according to multiple people familiar with the matter.
The Cybersecurity and Infrastructure Security Agency notified more than a dozen federal entities of the possible compromise, one person said. Another pegged the total to at least five agencies.
The people spoke on the condition of anonymity because the matter is sensitive. Politico reported an estimate of four to five agencies on Tuesday.
DHS has multiple component agencies, including CISA, the Transportation Security Administration, Customs and Border Protection and the Federal Emergency Management Agency.
Microsoft has already attributed some of the hacking activity to Chinese state-aligned groups, but it’s not known whether China-linked entities themselves were responsible for the hit to DHS. Security patches ...
Copyright of this story solely belongs to nextgov.com . To see the full text click HERE