Back

Microsoft confirms Azure, 365 outage linked to DDoS attack

Posted By

TechCentral.ie

On

August 1, 2024

Error in Redmond's security response may have compounded impact of cloud service outage

Microsoft has confirmed a DDoS (distributed denial of service) attack led to an eight hour outage Tuesday involving its Azure portal, as well as some Microsoft 365 and Microsoft Purview services.

A DDoS attack is when a website is flooded with traffic, taking its services online. In the past it has been a favoured tactic of hacktivist collectives like Anonymous.

The company said an unexpected spike in usage led to intermittent errors, spikes and timeouts in Azure Front Door and Azure Content Delivery Network. An initial investigation showed an error in the company’s security response may have compounded the impact of the outage.

Microsoft said it will have a preliminary review of the incident in 72 hours and a final review within two weeks, to see what went wrong and how to better respond.

The incident comes less than two weeks after a global IT outage involving 8.5 million Windows devices when security firm CrowdStrike issued a defective software update in its Falcon security platform.

After initially learning of the incident, Microsoft made networking configuration changes to support its DDoS mitigation. The company also performed failovers to alternative networking paths.

This is not the first time the company has dealt with DDoS-associated disruption. Microsoft was the target of a series of DDoS attacks in 2023 linked to pro-Russia hacktivists, including a group known as Anonymous Sudan.

Microsoft said initial networking configuration changes mitigated the majority of the impact by shortly after 3pm Irish time, just over three hours after the disruption began. Some customers subsequently reported less than 100% availability and the company began rolling out an updated response, first in Asia Pacific and then Europe.

After validating the successful mitigation, the changes were rolled out in the Americas.

Failure rates improved to pre-incident levels by the afternoon and by just before 10pm EST the incident was declared resolved, nine hours after the disruption began.

“The Microsoft outage demonstrates the ease at which DDoS actors can wreak havoc against critical business services,” Donny Chong, director at Nexusguard, said in a statement.

Source: https://www.techcentral.ie/microsoft-confirms-azure-365-outage-linked-to-ddos-attack/