ilustrasi data center dok piaxabay 1 169 Mitra IT | Your Trusted & Reliable Software Solutions

Microsoft Hacked by China,

Hundreds of Companies Affected

Jakarta, CNBC Indonesia More than 100 global organizations have reportedly fallen victim to digital espionage exploiting a security flaw in Microsoft’s server software. This case implicates China, which is suspected of involvement in the attack.

Microsoft itself has confirmed an active attack on self-hosted SharePoint servers, which are commonly used by organizations for document sharing and internal collaboration. The version of SharePoint hosted directly by Microsoft was not affected.

This attack is classified as a “zero-day” attack because it exploits a previously undisclosed security flaw. This vulnerability allows attackers to infiltrate servers and install a backdoor to gain permanent access to the victim’s network.

The attack was first uncovered by Dutch cybersecurity firm Eye Security, which, along with the Shadowserver Foundation, discovered nearly 100 affected systems. Most of the victims are said to be from the United States and Germany, including government agencies.

“This is unambiguous,” said Vaisha Bernard, chief hacker at Eye Security, as quoted by Reuters, Tuesday (July 22, 2025).

He warned that many more organizations may have been compromised but remain undetected.

He declined to identify the affected organizations, but stated that the relevant national authorities have been notified.

The Shadowserver Foundation confirmed the number of victims at 100. They said most of the victims were in the United States and Germany, including government organizations.

There is no confirmation yet on who the main perpetrators are behind this attack. However, Google has detected links to a China-based cyber threat actor.

The Chinese government, through its embassy in Washington, has not yet responded. However, Beijing has consistently denied allegations of international cyberattacks.

The FBI stated it was aware of the attack and was coordinating with federal and private partners to address it. In the UK, the National Cyber Security Center reported a limited number of targeted attacks.

This threat is not expected to end. Data from the search engine Shodan indicates that more than 8,000 servers across the internet could have been compromised, while Shadowserver puts the minimum figure at more than 9,000.

“This SharePoint incident appears to have resulted in a massive breach of servers worldwide,” said Daniel Card of the British cybersecurity consultancy PwnDefend.

He emphasized the importance of a comprehensive mitigation approach, not just installing security patches.

SOURCE : CNBC INDONESIA