"Outlook and Cloud Platform Disruptions in June Confirmed as Cyberattacks by Microsoft"

Microsoft reveals DDoS attack on its cloud platform and Office suite

Microsoft hit by DDoS attacks

Microsoft has disclosed that distributed denial-of-service (DDoS) attacks targeted its cloud computing platform and flagship office suite, causing serious service disruptions in early June. Initially, the source of the service disruptions was unknown. Microsoft did not disclose the severity of the attack, name the alleged perpetrators – identified as Storm-1359, or reveal how many customers were impacted. Microsoft acknowledged that the DDoS attackers were focused on interference and publicity, and may have rented cloud infrastructure and virtual private networks to bombard the company's servers from botnets. However, Microsoft did state that there was no evidence that customer data had been compromised.

Impact of DDoS attacks on Microsoft customers

DDoS attacks may not penetrate servers but can make websites unreachable, disrupting the work of millions of employees if the servers affected are those of a major global commerce platform such as Microsoft. It is unclear if this was the case in the attacks on Microsoft. Microsoft declined to detail the impact, frustrating cybersecurity researchers who claim that the company's apparent unwillingness to provide objective measures is probably indicative of the attack's magnitude. The problem affects all websites and Microsoft's expertise could demonstrate effective defence capabilities.

Who is responsible?

It has also emerged that it is uncertain who is behind the attacks. Cybersecurity researchers speculate that those who orchestrated the DDoS attack may be from either Killnet, a Kremlin-affiliated Russian group, or Anonymous Sudan. Microsoft also declined to pinpoint the attackers, who used botnets of zombie computers located across the globe to bombard its servers. The broad global reach of the attackers enabled them to target Microsoft servers without significant disruption.

‍

The impact of DDoS attacks on Office suites

On June 5th, widespread outages and fault reports peaked at over 18,000 reports for Microsoft's DNS server shortly after 11 a.m. Eastern Time. Microsoft announced that all its services including Microsoft Teams, SharePoint Online, Outlook and OneDrive for business had been affected. The services disruption continued through the ensuing week, with Microsoft confirming on June 9th that the Azure cloud platform was also affected. On June 8th, cloud-based OneDrive file-hoster was offline globally, but the desktop backup OneDrive clients functioned uninterrupted.

‍

Defending against DDoS attacks

DDoS attacks remain prevalent across most services, highlighting their potential to cause significant damage. Commenting on the impact of such attacks, NYU professor and CEO of TAG Cyber Edward Amoroso noted that DDoS attacks constitute an "unsolved problem", with Microsoft's vulnerabilities revealing a single point of failure. Effective defence against such attacks depends on distribution on a content distribution network. U.K. security researcher Kevin Beaumont observed that, and attackers are still using techniques that date back to 2009.
In conclusion, the recent DDoS attacks targeting the Microsoft cloud platform and Office suite highlights that no business is immune to cyber threats. The impact on Microsoft customers, including serious service disruptions and widespread outages, showcases the potential for significant damage and disruption caused by DDoS attacks. As a result, it is essential for new businesses to prioritize cybersecurity and invest in effective defenses against such attacks. Microsoft's vulnerabilities reveal the importance of a distribution on a content distribution network, and effective defense against DDoS attacks to reduce the risk of a single point of failure. The attacks also underscore the need for cybersecurity researchers to stay updated with the latest threat intelligence and techniques to fight back against attacks on businesses and prevent or limit the damage. In today's digital world, cyber resilience has become more critical than ever, and it's essential for new businesses to recognize the potential impact of their cybersecurity posture on their clients, stakeholders, and reputation. By improving cybersecurity defenses and maintaining their vigilance, new businesses can protect themselves and their customers from similar attacks.



Article First Published at: https://www.cnbc.com/2023/06/17/microsoft-says-early-june-disruptions-to-outlook-cloud-platform-were-cyberattacks.html