Microsoft confirms recent service outages were DDoS attacks

Microsoft has shared some information about an outage that affected a number of its cloud-based services earlier this month.

Microsoft has shared some information about an outage that impacted its services earlier this month.

The disruption affected the computer giant’s Azure cloud computing platform, along with Microsoft tools such as the Outlook email and OneDrive file-sharing apps.

At the time, Microsoft said little about the incident, but in a post published over the weekend, it confirmed the cause to be distributed denial-of-service (DDoS) attacks, a malicious act that attempts to disrupt a server or network by overwhelming it with incoming internet traffic.

With Microsoft offering a large number of cloud-based services, the attack could potentially have impacted millions of its customers around the world, though the company has yet to reveal the precise extent of the disruption.

Following the outage, Microsoft said it began tracking activity by the threat actor, which it named Storm-1359 using a naming convention that it deploys for groups while investigations are underway. It added that the perpetrator “appears to be focused on disruption and publicity.”

At the time, a hacking group called Anonymous Sudan claimed responsibility for the attack, and in recent days Microsoft confirmed to the Associated Press (AP) that it believes this to be the case.

The company said that after investigating the incident, it had “seen no evidence that customer data has been accessed or compromised,” but advised customers to review the technical details and recommendations listed in its post in order to increase the resilience of their systems to help mitigate similar attacks.

Anonymous Sudan emerged at the beginning of this year and claims to target nations that interfere in Sudanese politics or promote anti-Muslim views, according to Bleeping Computer. But some security researchers believe that the group may have links to the pro-Kremlin Killnet hacker group, raising the possibility that the standpoint on Sudan may be a decoy.

While further details about the incident may yet come out, perhaps most alarming for Microsoft is that it was unable to effectively deal with a DDoS attack, a common form of attack that enables malicious actors to impact the availability of online services.

Trevor Mogg

Microsoft stopped the largest DDoS attack ever reported

Distributed Denial-of-Service (DDoS) attacks have become more common, and Microsoft recently published a blog post looking into the trends for such attacks on its own servers. In that post, the company says that, at one point, it stopped one of the largest-ever-recorded DDoS attacks on a Microsoft Azure server in Asia.

According to Microsoft's data, in November, an unnamed Azure customer in Asia was targeted with a DDoS attack with a throughput of 3.47 Tbps and a packet rate of 340 million packets per second (pps). The attack came from 10,000 sources from multiple countries across the globe, including China, South Korea, Russia, Iran, and Taiwan. The attack itself lasted 15 minutes. Yet it is not the first one of such scale, as there were two additional attacks, one of 3.25 Tbps and another of 2.55 Tbps in December in Asia.

Cloudflare reports a massive 175% increase in DDoS attacks

Cloudflare, a web infrastructure and security company, has just released a report titled "DDoS Attack Trends for Q4 2021." According to Cloudflare, 2021 has been a particularly bad year in terms of DDoS attacks.

Ransom distributed denial of service (DDoS) attacks increased by over 175 percent quarter over quarter, highlighting the large scale of the problem described by Cloudflare.

Analysis of internet-connected devices reveals millions are vulnerable to attack

For anyone involved in information security and combating the incredible breadth and depth of malware that's constantly aimed at stealing our most important information, it's not enough to simply know whether a given machine is compromised. Just as important is knowing which machines are vulnerable to attack.

That's precisely the objective of projects that scan the internet looking for unsecured systems. One such initiative is Shodan, a search engine that scans online systems and "cyber assets" looking for any with security flaws that could open them up for attack. Security company Trend Micro conducted its own analysis of Shodan data for February 2016 and summarized the findings on its Security and Intelligence blog, noting that literally millions of internet-connected devices are vulnerable, including many in the most sensitive industries.
