A major cyber espionage operation has compromised around 100 organisations by exploiting Microsoft server software. The Shadowserver Foundation and Eye Security, who discovered the breach, have not disclosed which firms were affected. On Saturday, Microsoft alerted users about "active attacks" on self-hosted SharePoint servers.

The attack is classified as a "zero-day" because it exploits an unknown digital vulnerability. This allows hackers to infiltrate susceptible servers and potentially install a backdoor for ongoing access to victim organisations. Vaisha Bernard, chief hacker at Eye Security in the Netherlands, noted that an internet scan with the Shadowserver Foundation identified nearly 100 victims before the hacking method became widely known.

Commonly used for document sharing and collaboration, SharePoint instances running on Microsoft servers were not impacted.

Global Impact of Cyber Espionage

Most affected organisations are located in the United States and Germany, including government entities. The Shadowserver Foundation confirmed these findings. Rafe Pilling from Sophos suggested that the spying seems to be conducted by a single hacker or group but warned this could change rapidly. The FBI acknowledged awareness of the attacks and is collaborating with federal and private partners.

Britain's National Cyber Security Centre reported awareness of a "limited number" of targets within the UK. A researcher tracking these hacks indicated that initial targets were primarily government-related organisations. However, potential targets remain extensive, with over 8,000 servers online possibly already compromised according to Shodan data.

Vulnerable Servers at Risk

The vulnerable servers include significant industrial firms, banks, auditors, healthcare companies, and various US state-level and international government bodies. Daniel Card from PwnDefend highlighted that the SharePoint incident has led to widespread compromise across global servers. He advised adopting an assumed breach approach and stressed that applying patches alone is insufficient.

Microsoft Stock Affected

Microsoft's stock showed minimal movement on Wall Street as of 3pm in New York (19:00 GMT), increasing only by 0.06 percent but rising over 1.5 percent in the last five trading days. Despite this financial stability, the identity of those behind the ongoing hack remains unclear.