Earlier this month, Microsoft experienced a service disruption in its Microsoft 365 suite, which encompasses popular applications such as Outlook, Word, and Excel. According to the outage tracking website Downdetector, thousands of users were affected. On June 5, Microsoft’s official account, Microsoft 365 Status, tweeted about the outage and assured users that the situation was being addressed. The company later disclosed that the root cause of the outage was a Distributed Denial-of-Service (DDoS) attack.
In a recent blog post, Microsoft acknowledged that in early June 2023, there were noticeable spikes in traffic directed towards certain services, leading to temporary availability issues. The company swiftly initiated an investigation and identified ongoing DDoS activity linked to a threat actor known as Storm-1359. A DDoS attack is a malicious act where hackers overwhelm a server, service, or network with excessive internet traffic, disrupting its normal operation.
Microsoft’s analysis indicates that these attacks likely involve the use of multiple virtual private servers (VPS), rented cloud infrastructure, open proxies, and DDoS tools. A Microsoft spokesperson confirmed the involvement of a group known as Anonymous Sudan, which claimed responsibility for the attacks on its Telegram social media channel, but the company did not provide specific details regarding the number of affected customers or the global impact. Microsoft did, however, emphasize that there is no evidence of customer data being accessed or compromised during the incident.
The DDoS activity targeted layer 7, the application layer, rather than network-layer or transport-layer resources. In response, Microsoft has fortified its layer 7 protections, including enhancements to the Azure Web Application Firewall (WAF), to better safeguard customers against similar DDoS attacks.
During the attack, several users reported that their Outlook desktop application became non-functional. Both Windows and macOS users encountered difficulties in sending emails.