Cyberattack targets U.S. nuclear security agency

The U.S. National Nuclear Security Administration (NNSA), which oversees the maintenance and design of the country’s nuclear weapons stockpile, was breached through a cyberattack on Microsoft’s SharePoint document management software.

As reported by Bloomberg, a source familiar with the matter revealed that the NNSA was infiltrated via a hack exploiting Microsoft SharePoint software. The source, who spoke on condition of anonymity, stated that no sensitive or classified information was compromised in the breach. However, other departments within the agency were also exposed to potential risk.

According to Bloomberg, the NNSA has wide-ranging responsibilities, including providing nuclear reactors for submarines, responding to radiological emergencies for the Navy, and other critical functions. The agency also plays a key role in counter-terrorism efforts and the transport of nuclear weapons across the country.

This is not the first time the NNSA has been targeted. In 2020, hackers successfully breached the agency by exploiting a widely used software program from SolarWinds. At the time, a spokesperson for the U.S. Department of Energy stated that the malware had been “isolated to business networks only.”

Microsoft has attributed the recent attacks to state-sponsored hackers linked to the Chinese government. These hackers exploited vulnerabilities in SharePoint—commonly used in global cyber campaigns—to infiltrate governments, businesses, and other organizations worldwide.