A wave of cyberattacks targeting a Microsoft SharePoint vulnerability has now reached more than 90 state and local governments across the United States. According to the Center for Internet Security (CIS), a nonprofit that supports local authorities in responding to cyber threats, attackers have launched widespread scanning and intrusion attempts exploiting this critical flaw.
CIS confirmed that dozens of state, local, tribal, and territorial government organizations were targeted. However, it emphasized that there’s no evidence of successful intrusions so far.
“None have resulted in confirmed security incidents,” said Randy Rose, CIS vice president of security operations and intelligence.
Widespread Exploitation Across Sectors
The vulnerability in Microsoft SharePoint, a popular document management and collaboration platform, was first disclosed earlier this month. Since then, attacks have accelerated globally, with cybersecurity firm Eye Security estimating more than 400 victims so far.
The campaign appears to be opportunistic, affecting public and private sector targets alike—including US federal agencies.
One notable example is Fermilab, the U.S. Department of Energy’s national particle physics laboratory. A spokesperson confirmed on Wednesday that attackers attempted to access its SharePoint servers.
“The attackers were quickly identified, and the impact was minimal, with no sensitive or classified data accessed,” the spokesperson said.
This mirrors earlier comments from the Department of Energy, which stated that the vulnerability affected “a very small number” of its systems.
Local Governments on High Alert
CIS, which operates a threat intelligence network for local government agencies, is working to help members detect and mitigate any risks tied to the Microsoft SharePoint vulnerability. While no breaches have been confirmed, the volume and scale of scanning activity suggest that attackers are aggressively looking for unpatched systems.
Affected organizations are being urged to:
- Patch vulnerable Microsoft SharePoint servers immediately
- Monitor for signs of suspicious activity or unauthorized access
- Join threat intelligence sharing programs for real-time updates
Eye Security and other researchers continue to track the attack campaign and are identifying new victims daily.
Conclusion
The ongoing exploitation of the Microsoft SharePoint vulnerability highlights the growing cybersecurity risks facing public institutions. With more than 90 local governments already targeted, and the number of global victims rising fast, this incident underscores the urgent need for patching, vigilance, and cross-sector collaboration. For now, the damage appears limited—but the threat is far from over.
0 responses to “Microsoft SharePoint Vulnerability Targets Over 90 Local Governments, Group Says”