Security News > 2024 > July > Microsoft: DDoS defense error amplified attack on Azure, leading to outage
![Microsoft: DDoS defense error amplified attack on Azure, leading to outage](/static/build/img/news/microsoft-ddos-defense-error-amplified-attack-on-azure-leading-to-outage-medium.jpg)
A DDoS attack that started on Tuesday has made a number of Microsoft Azure and Microsoft 365 services temporarily inaccessible, the company has confirmed.
Microsoft's mitigation statement on the Azure status history page.
Microsoft Azure, 365 outage triggered by DDoS. "Between approximately at 11:45 UTC and 19:43 UTC on 30 July 2024, a subset of customers may have experienced issues connecting to a subset of Microsoft services globally. Impacted services included Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy, as well as the Azure portal itself and a subset of Microsoft 365 and Microsoft Purview services," Microsoft said.
"An unexpected usage spike resulted in Azure Front Door and Azure Content Delivery Network components performing below acceptable thresholds, leading to intermittent errors, timeout, and latency spikes."
Users were also unable to access some Microsoft 365 services - Microsoft 365 admin center, Intune, Entra and Power Platform - but SharePoint Online, OneDrive for Business, Microsoft Teams and Exchange Online remained accessible and responsive.
Microsoft said that the outage was triggered by a Distributed Denial-of-Service attack, and that its effect was amplified by an error in the implementation of Azure DDoS defenses.
News URL
https://www.helpnetsecurity.com/2024/07/31/microsoft-azure-ddos/
Related news
- Microsoft says massive Azure outage was caused by DDoS attack (source)
- 'Error' in Microsoft's DDoS defenses amplified 8-hour Azure outage (source)
- Major Microsoft 365 outage caused by Azure configuration change (source)
- Microsoft 365 and Azure outage takes down multiple services (source)
- Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks (source)
- DDoS attacks target EU political parties as elections begin (source)
- Azure Service Tags Vulnerability: Microsoft Warns of Potential Abuse by Hackers (source)
- Microsoft launches cybersecurity program to tackle attacks, protect rural hospitals (source)
- Notorious cyber gang UNC3944 attacks vSphere and Azure to run VMs inside victims' infrastructure (source)
- CDK Global outage caused by BlackSuit ransomware attack (source)