Security News > 2023 > June > Microsoft confirms Azure, Outlook outages caused by DDoS attacks

Microsoft has confirmed that recent outages to Azure, Outlook, and OneDrive web portals resulted from Layer 7 DDoS attacks against the company's services.
The outages occurred at the beginning of June, with Outlook.com's web portal targeted on June 7th, OneDrive on June 8th, and the Microsoft Azure Portal on June 9th. Microsoft did not share at the time that they were suffering DDoS attacks but hinted that they were the cause, stating for some incidents that they were "Applying load balancing processes in order to mitigate the issue."
In a preliminary root cause report released last week, Microsoft further hinted at DDoS attacks, stating that a spike in network traffic caused the Azure outage.
In a Microsoft Security Response Center post released on Friday, Microsoft now confirms that these outages were caused by a Layer 7 DDoS attack against their services by a threat actor they track as Storm-1359.
The attacks first targeted Scandinavian Airlines, with the threat actors demanding $3,500 to stop the DDoS attacks.
The group later targeted the websites for American companies, such as Tinder, Lyft, and various hospitals throughout the USA. In June, Anonymous Sudan turned their attention to Microsoft, where they began DDoS attacks on web-accessible portals for Outlook, Azure, and OneDrive, demanding $1 million to stop the attacks.
News URL
Related news
- Microsoft Exchange Online outage affects Outlook web users (source)
- Microsoft links recent Microsoft 365 outage to buggy update (source)
- New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint (source)
- New Microsoft 365 outage impacts Teams, causes call failures (source)
- New Eleven11bot botnet infects 86,000 devices for DDoS attacks (source)
- Microsoft says button to restore classic Outlook is broken (source)
- Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)
- Microsoft fixes button that restores classic Outlook client (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)
- DDoS Attacks Now Key Weapons in Geopolitical Conflicts, NETSCOUT Warns (source)