Several organisations in South Africa have fallen victim to a global cyberattack that exploited a vulnerability in Microsoft Corp.’s SharePoint servers.
- A global cyberattack has targeted Microsoft SharePoint server vulnerabilities, affecting 400 entities worldwide.
- Victims of the attack include government agencies, corporations, and educational institutions, with some cases reported in South Africa.
- South Africa’s National Treasury detected malware in its infrastructure but confirmed no system disruptions.
The Dutch company, which detected the initial wave of breaches last week, said hackers have compromised around 400 entities worldwide, including government agencies, corporations, and other institutions. The actual number of affected organisations may be significantly higher.
While the United States accounted for the majority of the breaches, Mauritius, Jordan, South Africa, and the Netherlands also reported a notable number of victims, Bloomberg reported.
DON’T MISS THIS: 1 million tons of petrol shipped overseas as Dangote refinery takes Nigerian fuel global
“We never name individual victims, but can share that in South Africa we’ve seen an organisation in the car-manufacturing industry, a university, several local-government entities and a federal government entity,” Eye Security co-owner Vaisha Bernard said.
He added that two additional, unnamed organisations have also been compromised. Details of the attack have been shared with South Africa’s Computer Security Incident Response Team (CSIRT) for further investigation.
Treasury confirms malware infection
South Africa’s National Treasury has confirmed that it is working with Microsoft Corp. after detecting malware on one of its systems. The infection was found on its Infrastructure Reporting Model website, the Treasury said in a statement.
DON’T MISS THIS: Dangote exposes black market fuel cartels undermining refinery development in Africa
The incident comes amid a broader wave of cyberattacks exploiting vulnerabilities in Microsoft’s SharePoint servers. The platform is widely used in South Africa by both public and private institutions for document collaboration and storage.
Many organisations host SharePoint on-premises to maintain control and add layers of security, ironically, the very setup now being targeted by attackers.
Microsoft has said the current wave of attacks specifically affects clients running on-premise SharePoint servers, rather than those hosted and managed by Microsoft in the cloud. The company has yet to respond to a request for comment.
