Security News > 2023 > June > With dead-time dump, Microsoft revealed DDoS as cause of recent cloud outages

The Associated Press reported that in response to its inquiries about the cause of the outage, Microsoft admitted that Anonymous Sudan and DDoS orchestrated by the group were the cause of the outages.

The post that the AP claims is Microsoft's admission of succumbing to Anonymous Sudan doesn't mention the source of the DDoS - but does state: "Beginning in early June 2023, Microsoft identified surges in traffic against some services that temporarily impacted availability. Microsoft promptly opened an investigation and subsequently began tracking ongoing DDoS activity by the threat actor that Microsoft tracks as Storm-1359.".

"This recent DDoS activity targeted layer 7 rather than layer 3 or 4. Microsoft hardened layer 7 protections including tuning Azure Web Application Firewall to better protect customers from the impact of similar DDoS attacks," the post states.

"Microsoft hasn't linked"Storm-1359" to Anonymous Sudan, but says the gang "has access to a collection of botnets and tools that could enable the threat actor to launch DDoS attacks from multiple cloud services and open proxy infrastructures.

By posting the blog entry about its recent outages on the Friday before a long weekend - and not linking Storm-1359 to an attacker - Microsoft appears to have tried to minimize the publicity around this attack.

Whoever did the DDoS deed, one fact is clear: Microsoft's signature cloud services were disrupted and degraded by a determined attacker.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/06/19/microsoft_365_outage_ddos_cause/