Slashdot: Microsoft Says Some SharePoint Server Hackers Now Using Ransomware

Jul 24, 2025

—

Source URL: https://it.slashdot.org/story/25/07/24/1359230/microsoft-says-some-sharepoint-server-hackers-now-using-ransomware?utm_source=rss1.0mainlinkanon&utm_medium=feed
Source: Slashdot
Title: Microsoft Says Some SharePoint Server Hackers Now Using Ransomware

Feedly Summary:

AI Summary and Description: Yes

Summary: The text discusses a cyber-espionage campaign, specifically by a group referred to as “Storm-2603,” that has transitioned from conventional data theft to deploying ransomware. This represents a worrying trend in cyber threats, significantly affecting multiple organizations, including governmental agencies.

Detailed Description: The rising threat posed by the “Storm-2603” group reflects a critical shift in cyber-espionage tactics towards ransomware deployment, which creates severe implications for cybersecurity professionals in the domains of information and infrastructure security. Key points include:

– **Transition to Ransomware**: The campaign marks a notable departure from traditional state-backed cyber operations that typically focus on data theft, indicating an evolution in the motivations and tactics of cybercriminals.

– **Scale of Impact**: The group has compromised at least 400 organizations, a significant increase from 100 victims just a few days earlier. This rapid escalation underscores a growing vulnerability among organizations, especially regarding software security vulnerabilities in widely used Microsoft server software.

– **Involvement of Federal Agencies**: Notable entities affected include federal agencies such as the National Institutes of Health and the Department of Homeland Security. The breach of such institutions emphasizes the critical nature of enhancing cybersecurity measures and readiness.

– **Recommendations for Professionals**:
– **Enhanced Monitoring & Defense**: Organizations should implement more robust security protocols, including continuous monitoring for signs of intrusion and deploying advanced threat detection systems.
– **Software Patching**: Regular updates and patch management practices need to be enforced to protect against known vulnerabilities within server software.
– **Incident Response Planning**: Developing and routinely testing incident response plans can help organizations swiftly address cyber threats and minimize impact.
– **Ransomware Preparedness**: Businesses must develop contingency plans regarding ransomware incidents, including employee training, data backups, and communication strategies.

This incident not only raises alarms about the shifting nature of cyber threats but also signifies the urgent need for enhanced security measures across the landscape of information technology infrastructures.

1 10 2 24 2603 3 4 5 7 a Act advanced advanced threat detection AI alt and API ARM art as at backup backups Bi breach business by C CI CIA co Col communication communication strategies compromised continuous continuous monitoring core criminals critical cross cyber Cyber Operations cyber threat cyber threats cyber-espionage cybercriminal cybercriminals cybersecurit Cybersecurity cybersecurity measures Cybersecurity Professionals D data data backup data backups data theft day days de defense Department of Homeland Security deployment detection Detection Systems domain domains DoT e employee training end enhanced security enhanced security measures espionage federal agencies for g Gen Go government governmental agencies Group H hack hacker hackers health Homeland Security HR http HTTPS implications in incident incident response incident response plan Incident Response Planning incident response plans information information technology infrastructure infrastructure security infrastructures institutions io J Just k Key known vulnerabilities l land least led Li Link M man management management practices measures Micro Microsoft Microsoft server software mini Monitor monitoring motivations multi N nation no non o of on one only operation operations organization organizations ory oS out over Patch Patch Management patch management practices patching per planning point practices pre preparedness pro professionals protocol protocols ps R Raise ransom ransomware ransomware deployment rate RCE re readiness recommendations red regular updates response Response Plan Ro robust security RoT row s Scale sec security security measure security measures security professionals security protocols Security Vulnerabilities server SHA SharePoint SharePoint Server shift Sig size sizes software software patching software security software security vulnerabilities source specific SSE state Storm strategies structures Swift system systems T tactics tech technology technology infrastructure ted test Testing text the theft threat threat detection Threat Detection Systems threats to Tor TP training transition under up update updates ups US use V victims vulnerabilities vulnerability Ware Wi x z