Security News > 2023 > June > Microsoft confirms DDoS attacks against M365, Azure Portal

The Microsoft 365 and Azure Portal outages users expirienced this month were caused by Layer 7 DDoS attacks, Microsoft has confirmed on Friday.
Throughout the first half June 2023 Microsoft confirmed, at various times, ongoing issues with its cloud-based services - Microsoft 365 and Azure Portal - but did not say at the time that they were caused by an increase in traffic.
Microsoft said that the attacks were caused by DDoS activity.
A group dubbed Storm-1359 by Microsoft was behind the attacks.
"These attacks likely rely on access to multiple virtual private servers in conjunction with rented cloud infrastructure, open proxies, and DDoS tools," Microsoft informed.
"Storm-1359 has access to a collection of botnets and tools that could enable the threat actor to launch DDoS attacks from multiple cloud services and open proxy infrastructures," the company revealed, and noted that Storm-1359 "Appears to be focused on disruption and publicity."
News URL
https://www.helpnetsecurity.com/2023/06/19/microsoft-365-azure-ddos/
Related news
- Gcore DDoS Radar Reveals 56% YoY Increase in DDoS Attacks (source)
- Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
- Botnet targets Basic Auth in Microsoft 365 password spray attacks (source)
- Microsoft names alleged credential-snatching 'Azure Abuse Enterprise' operators (source)
- Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme (source)
- New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint (source)
- New Eleven11bot botnet infects 86,000 devices for DDoS attacks (source)
- Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)