Last year, nation-state hackers breached the networks of two US municipalities according to the FBI. The agency sent out a security alert to private industry partners announcing the breaches last week. Attackers used the CVE-2019-0604 vulnerability in Microsoft SharePoint servers to breach the networks.
After the attackers gained advantage over the networks, activities including the exfiltration of user information, dropping of web shells and remote backdoor access, and escalation of administrative privileges occurred. The attacks were sophisticated in nature, leading the FBI to believe that nation-state actors were involved in both compromises. However, the FBI could not identify if both attacks were carried out by the same group. The names of the hacked municipalities remains unknown.
Read More: Nation-state actors have breached two US municipalities