Microsoft Tapped China Engineers for SharePoint Support

A new investigation has revealed that Microsoft relied on China-based engineers to provide technical support and bug fixes for SharePoint, the same collaboration software that was recently exploited by Chinese state-sponsored hackers in a massive cyberattack affecting hundreds of organizations, including sensitive U.S. government agencies.

Last month, Microsoft announced that Chinese hackers had successfully exploited vulnerabilities in SharePoint to breach the computer systems of numerous companies and government agencies, including the National Nuclear Security Administration and the Department of Homeland Security.

However, what the company failed to disclose in its announcement was that SharePoint support has been handled by a China-based engineering team for years.

According to internal Microsoft work-tracking system screenshots reviewed by ProPublica, China-based employees were recently fixing bugs for SharePoint “OnPrem” – the on-premises version of the software that was targeted in last month’s attacks.

This version refers to software installed and operated ...