Posted By
Cybersecurity Dive
On
July 31, 2024
The company said its own response to the outage may have made the impact worse.
The incident comes less than two weeks after a global IT outage involving 8.5 million Windows devices when CrowdStrike issued a defective software update in its Falcon security platform.
After initially learning of the incident, Microsoft made networking configuration changes to support its DDoS mitigation. The company also performed failovers to alternative networking paths.
This is not the first time the company has dealt with DDoS-associated disruption. Microsoft was the target of a series of DDoS attacks in 2023 linked to pro-Russia hacktivists, including a group known as Anonymous Sudan.
Microsoft said initial networking configuration changes mitigated the majority of the impact by shortly after 10 a.m. EST, just over three hours after the disruption began. Some customers subsequently reported less than 100% availability and the company began rolling out an updated response, first in Asia Pacific and then Europe.
After validating the successful mitigation, the changes were rolled out in the Americas.
Failure rates improved to pre-incident levels by the afternoon and by just before 5 p.m. EST the incident was declared resolved, nine hours after the disruption began.
“The Microsoft outage demonstrates the ease at which DDoS actors can wreak havoc against critical business services,” Donny Chong, director at Nexusguard, said in a statement.
Source: https://www.cybersecuritydive.com/news/microsoft-azure-365-outage-ddos/722920/