A Chinese-backed cyberattack has pierced the digital defenses of key US agencies—including the guardian of America’s nuclear arsenal—through a critical Microsoft SharePoint vulnerability.
Washington, D.C. (July 17, 2025) — In a chilling reminder of cyber vulnerabilities in even the most secure government institutions, the National Nuclear Security Administration (NNSA)—the US body responsible for safeguarding the nation’s nuclear stockpile—was among the victims of a China-linked cyberattack that exploited a dangerous zero-day flaw in Microsoft’s SharePoint software.
First reported by Bloomberg and confirmed by a source familiar with the incident, the breach was part of a state-sponsored espionage campaign attributed to Chinese hacking groups Linen Typhoon, Violet Typhoon, and Storm-2603.
The Department of Energy acknowledged the breach began on July 18, but insisted the damage was “minimal,” citing the agency’s advanced cybersecurity infrastructure and widespread reliance on Microsoft’s M365 cloud system. “The department was minimally impacted,” a spokesperson told Bloomberg, trying to downplay the gravity of the breach.
Yet the symbolic weight of the hack is immense. The NNSA’s responsibilities include:
- Security and modernization of the US nuclear weapons stockpile
- Oversight of nuclear-powered Navy reactors
- Rapid radiological emergency response.
Fortunately, officials confirmed that no classified data was compromised.
But the breach wasn’t limited to the Energy Department. The Department of Education and local governments in Florida and Rhode Island were also targeted in the wide-ranging infiltration—raising fresh concerns about the resilience of public sector cybersecurity in the face of aggressive foreign cyber campaigns.
Microsoft confirmed that the threat actors exploited vulnerabilities in SharePoint to burrow into sensitive systems across US and international networks. The breach reveals the growing sophistication of nation-state-level cyber warfare, particularly from China, and the alarming frequency with which critical US systems are probed and penetrated.
Though the immediate fallout may seem limited, the incident has once again raised questions over:
- Cloud dependency risks
- Microsoft’s patching and response protocols
- The long-term security of America’s most vital digital and nuclear infrastructure.
The NNSA breach stands as a stark warning: even the stewards of America’s nuclear arsenal are not beyond the reach of Chinese cyber-espionage.
