Security News > 2023 > June > Microsoft confirms Azure, Outlook outages caused by DDoS attacks
Microsoft has confirmed that recent outages to Azure, Outlook, and OneDrive web portals resulted from Layer 7 DDoS attacks against the company's services.
The outages occurred at the beginning of June, with Outlook.com's web portal targeted on June 7th, OneDrive on June 8th, and the Microsoft Azure Portal on June 9th. Microsoft did not share at the time that they were suffering DDoS attacks but hinted that they were the cause, stating for some incidents that they were "Applying load balancing processes in order to mitigate the issue."
In a preliminary root cause report released last week, Microsoft further hinted at DDoS attacks, stating that a spike in network traffic caused the Azure outage.
In a Microsoft Security Response Center post released on Friday, Microsoft now confirms that these outages were caused by a Layer 7 DDoS attack against their services by a threat actor they track as Storm-1359.
The attacks first targeted Scandinavian Airlines, with the threat actors demanding $3,500 to stop the DDoS attacks.
The group later targeted the websites for American companies, such as Tinder, Lyft, and various hospitals throughout the USA. In June, Anonymous Sudan turned their attention to Microsoft, where they began DDoS attacks on web-accessible portals for Outlook, Azure, and OneDrive, demanding $1 million to stop the attacks.
News URL
Related news
- Microsoft Azure outage takes down services across North America (source)
- Users call on Microsoft to update Outlook's friendly name feature (source)
- Microsoft shares Outlook workaround for Gmail sign-in issues (source)
- Microsoft fixes 6 zero-days under active attack (source)
- DDoS Attacks Surge 46% in First Half of 2024, Gcore Report Reveals (source)
- DDoS attack volume rises, peak power reaches 1.7 Tbps (source)
- Microsoft shares temp fix for Outlook, Word crashes when typing (source)
- Microsoft shares workaround for Outlook crashing after opening (source)
- Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters (source)
- Average DDoS attack costs $6,000 per minute (source)