Microsoft Says DDoS Attack Caused Outlook, OneDrive Service Disruption
Microsoft confirmed disruption to its Microsoft 365 apps earlier this month was due to a distributed denial-of-service (DDoS) attack.
As AP reports(Opens in a new window), Microsoft published a blog post(Opens in a new window) on Friday providing details of the DDoS attack, which was carried out by a threat actor it refers to as Storm-1359. The group who claimed responsibility for the attack calls itself Anonymous Sudan.
According to cyber security solutions provider Radware(Opens in a new window), Anonymous Sudan is group of religiously motivated hackers from Sudan. They mainly target Swedish and Danish organizations as a reaction to far-right activist Rasmus Paludan. However, some security researchers suspect the group is just a front for a Russian hacking operation(Opens in a new window).
The attack against Microsoft's services started on June 5, and according to the Microsoft 365 Status Twitter account(Opens in a new window), impacted Outlook on the web first. Access to OneDrive was also impacted. Microsoft said the attacks most likely relied on "multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools" and focused on Layer 7, which is the application layer of the internet.
Beyond that, no in-depth detail was given, but Microsoft did confirm no customer data was accessed of compromised. It also took the opportunity to recommend using Azure Web Application Firewall (WAF) if organizations want to protect themselves from similar Layer 7 attacks.
DDoS attacks attempt to overload a target's servers with traffic and therefore stop any legitimate traffic getting through. It's an attack companies and organizations have had to accept they need to prepare for, but
Read more on pcmag.com
