Subscribe to our YouTube channel ×

    Microsoft confirms that June Outlook outages were the result of a DDoS attack

    By: Dmitro Koval | 19.06.2023, 10:28
    Microsoft confirms that June Outlook outages were the result of a DDoS attack

    In early June, Outlook users began to complain en masse about the service's inaccessibility during peak usage. According to an article in The Associated Press, this was the result of a DDoS attack. Recently, Microsoft confirmed the attack in its blog post, where it also provided some details and recommendations for protection.

    Here's What We Know

    The blog post does not indicate whether the company managed to control the situation or whether the attack stopped on its own. However, the official Microsoft 365 Status account on Twitter reported the outage occurring on 5 June and then recurring later that day. It seems that the situation was finally resolved the next morning.

    An AP article mentions that a spokesperson (apparently from Microsoft) confirmed that the attack was carried out by a group called Anonymous Sudan, which has been active since at least January. According to the article, the group claimed that their attack lasted for about an hour and a half before being stopped.

    According to former National Security Agency hacker Jake Williams, quoted by AP: "there's no way to assess the impact unless Microsoft provides that information." He was unaware that Outlook had been so affected before.

    In 2021, Microsoft managed to mitigate one of the largest DDoS attacks ever recorded. This attack lasted over 10 minutes and reached a maximum traffic volume of 2.4 terabits per second (Tbps). In 2022, the attack speed increased to 3.47 Tbps. It is not known how significant the traffic spikes were during the attack in June.

    According to Microsoft, the DDoS targeted OSI layer seven, which is the network layer where applications access network services. This is where your applications, such as email, get their data. Microsoft believes that the attackers, whom they call Storm-1359, used botnets and tools to launch the attack from "multiple cloud services and open proxy infrastructures", with their main focus being disruption and publicity.

    Source: The Verge

    Microsoft
    Latest news
    Latest reviews
    Latest articles
    Best Graphics Cards comparison