Microsoft Azure and Outlook outages were caused by DDoS attacks
Looks like Sudanese attackers flooded Microsoft’s servers
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Microsofthas confirmed that outages to its Azure and Outlook services were caused by DDoS attacks, which the company puts down to the threat actor that it tracks as Storm-1359.
This follows the tech giant’s new nomenclature for threats, whereby Storm denotes a group that is in development.
Otherwise known as Anonymous Sudan, it is said to be a politically motivated Sudanese gang of self-proclaimed “hacktivists,” who have already had run-ins with France, Denmark, and Sweden so far this year.
Sudanese threat actor behind Microsoft DDoS attacks
Microsoft says that Storm-1359 launched several types of layer 7 DDoS attacks, including an HTTP(S) flood attack which sees a high load of SSL/TLS handshakes and HTTP(S) requests cause the backend’s CPU and memory to become depleted. In this instance, it is believed that millions of requests were made simultaneously.
The best email providers>Microsoft OneDrive went down after a spate of DDoS attacks>Microsoft Azure outage caused by “huge spike”, that could have been a DDoS attack
The group also used cache bypass tactics which force the frontend layer to direct requests to the origin rather than retrieving cached contents, and slowloris, which forces a web server to keep the connection open by failing to acknowledge a download.
“These attacks likely rely on access to multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools,” said Microsoft in theannouncement.
Ultimately, while services were disrupted over the course of a series of days in early June, Microsoft says that it has “seen no evidence that customer data has been accessed or compromised.”
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The company has also provided a handful of steps that customers can take to reduce their impact to layer 7 DDoS attacks in the future, which are outlined on itswebsite.
With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!
Washington state court systems taken offline following cyberattack
Is it still worth using Proton VPN Free?
Filming with an iPhone? A smart, AI-powered gimbal from Hohem can help
