09:48
14:00
10:14
09:40
12:52
11:39
09:48
14:00
10:14
09:40
12:52
11:39
09:48
14:00
10:14
09:40
12:52
11:39
09:48
14:00
10:14
09:40
12:52
11:39
In a recent blog post, Microsoft revealed that the widespread outages experienced by Outlook users in June were the result of a Distributed Denial-of-Service (DDoS) attack.
he attack, which lasted for about a day, caused service disruptions for approximately 18,000 users at its peak. Microsoft acknowledged the incident and provided technical details and recommendations to enhance security against similar attacks in the future.
Although the blog post did not mention how the company resolved the attack, the Microsoft 365 Status Twitter account updated users about the ongoing outage on June 5th and indicated that the service had stabilized the following day. A spokesperson confirmed the group behind the attack as Anonymous Sudan, an active group since at least January, according to Cybernews.
The attack conducted by Storm-1359, as referred to by Microsoft, was aimed at the OSI layer 7, which is where network applications interact with network services. This layer includes applications like email, which rely on network access for data retrieval. Microsoft believes that the attackers utilized botnets and tools, leveraging multiple cloud services and open proxy infrastructures. The motive behind the attack appeared to be disruption and publicity.
Microsoft has previously encountered large-scale DDoS attacks, including one in 2021 that lasted over 10 minutes and peaked at 2.4 terabits per second (Tbps) of traffic. In 2022, an attack reached a peak of 3.47 Tbps. The magnitude of the traffic bursts during the June attack remains unclear.