US Fermi National Accelerator Laboratory hit in cyberattack targeting Microsoft’s SharePoint

The laboratory, established in 1967 and based in suburban Chicago, is a hub for research in particle physics, studying the smallest building blocks of matter and energy. Bloomberg

The Fermi National Accelerator Laboratory, one of the Department of Energy’s 17 national labs, was attacked by hackers as part of a recent campaign seeking to exploit flaws in Microsoft Corp.’s SharePoint software.

“Attackers did attempt to access Fermilab’s SharePoint servers,” according to a Department of Energy spokesperson. “Thanks to DOE Office of Science’s cybersecurity investments, the attackers were quickly identified, and impact was minimal, with no sensitive or classified data accessed.”

Fermilab’s servers are back online and running normally, said the spokesperson, who didn’t provide additional details.

The laboratory, established in 1967 and based in suburban Chicago, is a hub for research in particle physics, studying the smallest building blocks of matter and energy, according to its website.

“We also probe the farthest reaches of the universe, seeking out the nature of dark matter and dark energy,” it says.

Microsoft warned earlier this month that hackers were actively targeting customers who manage SharePoint on their own networks, as opposed to being hosted and managed on the cloud. Flaws in SharePoint have allowed hackers to access file systems and execute computer code, according to federal authorities.

More than 400 government agencies and businesses globally have been breached in the campaign, including the US’s National Nuclear Security Administration, the semiautonomous arm of the Department of Energy responsible for producing and dismantling nuclear arms. For at least some of the attacks, Microsoft has blamed Linen Typhoon and Violet Typhoon, groups sponsored by the Chinese government, as well as another China-based group it calls Storm-2603. In response to the allegations, the Chinese Embassy has said it opposes all forms of cyberattacks, while also objecting to “smearing others without solid evidence.”