Microsoft confirms recent outages were DDoS attacks
By ForGeeks Microsoft shared some information about the outage that affected its services earlier this month. The disruption affected the Azure cloud computing platform, as well as Microsoft tools such as Outlook email and the OneDrive file-sharing application.
Microsoft said little about the incident at the time, but in a statement issued over the weekend, it confirmed that distributed denial-of-service» (DDoS) attacks — malicious activities that try to take down a server or network by overloading it with incoming Internet traffic — were the cause.
Since Microsoft offers a large number of cloud services, the attack could potentially affect millions of its customers around the world, although the company has not yet disclosed the exact extent of the disruption.
After the outage, Microsoft said it began tracking the activity of the threat actor, whom it named Storm-1359, using a naming convention that the company applies to groups while it investigates. The company added that the perpetrator, «seems to be targeting disruption and public».
The hacker group Anonymous Sudan claimed responsibility for the attack at the time, and in recent days Microsoft has confirmed to the Associated Press (AP) that it believes so.
The company said that after investigating the incident, it «saw no evidence that customer data had been accessed or compromised» but advised customers to read the technical details and recommendations listed in its announcement to make their systems more resilient to mitigate such attacks.
The group Anonymous Sudan emerged earlier this year and claims to target countries that interfere in Sudanese politics or promote anti-Muslim views, Bleeping Computer reported. But some security researchers believe the group may have ties to the pro-Kremlin hacker group Killnet, suggesting that the attack on Sudan could be a decoy.
The group’s targeting of Sudan may be a decoy.
While further details of the incident may yet emerge, perhaps Microsoft’s biggest concern is that it has failed to effectively deal with a DDoS attack, a common form of attack that allows attackers to affect the availability of online services.
