Posted on 07/27/2025 7:42:45 AM PDT by Twotone
Foreign agents were able to penetrate the systems of the U.S. agency responsible for maintaining and designing nuclear weapons.
The National Nuclear Security Administration, which operates under the United States Department of Energy, was compromised along with other sectors of the department.
According to Bloomberg, while the NNSA is semiautonomous, it still holds the responsibility of producing and dismantling nuclear arms in the United States. This makes the intrusion even more concerning when considering the origins of those who penetrated the system.
The Energy Department revealed in an email to Bloomberg that an "exploitation of a Microsoft SharePoint zero-day vulnerability began affecting the Department of Energy" on Friday, July 18.
The email continued, "The department was minimally impacted due to its widespread use of the Microsoft M365 cloud and very capable cybersecurity systems. A very small number of systems were impacted. All impacted systems are being restored."
While the government entity did not expose information about the source of the intrusion, Microsoft revealed on its own blog that it has identified multiple hostiles working on behalf of a foreign entity.
In a blog post published Tuesday, Microsoft explained that vulnerabilities in their SharePoint servers have been targeted by three "Chinese nation-state actors."
"Linen Typhoon and Violet Typhoon" were the first two Chinese groups identified by Microsoft, the blog explained. Microsoft then said, "In addition, we have observed another China-based threat actor, tracked as Storm-2603, exploiting these vulnerabilities."
Microsoft noted in a separate blog post that "on-premises" customers have been under attack as a result of the hack as well.
"Microsoft is aware of active attacks targeting on-premises SharePoint Server customers by exploiting vulnerabilities partially addressed by the July Security Update," the company wrote.
Although an anonymous source told Bloomberg that no sensitive or classified information was known to have been compromised in the attack, the outlet also reported that the breach was only possible due to a 2020 hack on software manufactured by IT company SolarWinds. That attack swept up a trove of Department of Justice email credentials.
This means that foreign agents have been working against the United States, using the same compromised data for nearly five years.
The 2020 hack saw the DOJ attribute the malicious intrusions to Russia, with about 3% of its Microsoft Office 365 email accounts potentially compromised.
At the time, the Office of the Director of National Intelligence, the National Security Agency, and the Cybersecurity and Infrastructure Security Agency released a joint statement saying the work "indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks."
Microsoft has advised users to download the latest security updates for the affected programs, as hackers have stolen sign-in credentials, usernames, passwords, codes, and tokens as part of previous attacks, according to Bloomberg.
Blaze News reached out to the Department of Defense regarding any possible exploitations they may be concerned about but did not receive a reply.
Well I’m sure hiring more Chinese people for tech support should help fix this problem
The fact that someone decided that it was a good idea to connect these systems to the internet angers me beyond words.
“IT security” in the US government = incompetence.
Perhaps if they weren’t giving access to FLAMING LEFTIST, particularly at US universities, they’d have better security.
No worries - now that China has long had the source code for MS products, it safe to keep on using MS products for high security sites.
it’s not hacking when you give them the passwords and store the data in a ‘cloud’ hosted on their data centers in china
If hackers are able to get in, it’s amazing that we still don’t have adequate inverse tech to track them down and destroy them as a deterrent. We just seem to accept hackers as hackers and not focus enough on hackers being taken out by drone strikes.
Don’t tell me, let me guess ... the password for access was “123456” or “Password” ... oh wait the last one was too complicated ... should have been “password”.
North Korea and/or China
Microsoft, it’s almost as if they are assisting the bad actors.
Why isn’t the NNSA on its own? The DOE was part of the reason we have names like three mile island, shoreham.
Oh great...
"24", Season 4
Microsoft and the evil Bill Gates ARE bad actors.
Technology is advancing at such a record pace that its hoped hackers can be prevented from getting into Russian, US or other nations nuclear codes for launching.
I’m with you on that one. It’s just flat out stupid to allow computer systems containing super sensitive information to be hooked up to the internet.
Everybody already knows everything about everybody else anyway. The problem is making the public think they are safe in the US while foreign countries having their people think they will survive a nuclear engagement. It’s all a big eye to eye stand down nobody can win. And if you can get outside of the game it is almost funny to hear of people that buy into it. We are all pawns for the perceived powerful. And in the long run, they don’t mean squat either as they will be just as dead.
wy69
Why are the NNSA on the internet?
It should be a closed offline system.
They can always have other computers online with no way to transmit files by way of usb drives or email with sensitive information etc. watched over by cameras as well so everyone knows who access those computers.
Heck at work the laserjet printer was locked. You had to have a password to print.
Not only are they connected to the internet, but they are using the cloud! How far we have fallen.
War Games the movie.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.