According to the outage monitoring website Downdetector, the Microsoft 365 suite, which includes Outlook, Word, and Excel, was unavailable earlier this month for thousands of users. When the outage on June 5 happened, the Microsoft 365 Status account tweeted about it. A day later, it claimed to have resolved the issue. The company was looking into the source of the outage, and it has since stated that a distributed denial-of-service (DDoS) attack was to blame for the disruptions.
“Microsoft discovered traffic spikes against various services that momentarily disrupted availability, starting in early June 2023. As soon as possible, Microsoft launched an investigation and started monitoring ongoing DDoS activity by the threat actor known as Storm-1359, the company said in a blog post.
In a DDoS attack, hackers intentionally try to stymie a server, service, or network’s regular activity by flooding the target or its surrounding infrastructure with internet traffic.
The report went on to say that “these attacks probably rely on access to multiple virtual private servers (VPS) in addition to rented cloud infrastructure, open proxies, and DDoS tools.”
Suspected to be a Russian group
The Associated Press reported that a Microsoft representative had acknowledged that the attacks had been carried out by the organisation known as Anonymous Sudan. At the time, it took ownership of the situation via its Telegram social media channel. Some cybersecurity experts think the group is Russian.
However, it did not provide information on how many consumers were impacted or whether the effect was widespread. The business stated, “We have seen no evidence that customer data has been accessed or compromised.”
In contrast to layer 3 or 4, layer 7 was the target of the DDoS operation, according to Microsoft. In order to better shield customers from the effects of such DDoS attacks, Microsoft strengthened layer 7 defences, including tweaking Azure Web Application Firewall (WAF).
During the attack, a number of users reported that their Outlook desktop stopped functioning for them. Users of both Windows and macOS reported being unable to send emails among those who were impacted.