What you need to know
- Microsoft details that the Office 365 disruptions experienced by users earlier this month were as a result of a DDoS attack.
- A group of hackers referred to as Anonymous Sudan that are believed to be Russian have taken credit for the attack.
- It's not yet confirmed whether Microsoft has fully resolved the issue.
At the beginning of this month, several reports surfaced online across various social media platforms by users expressing their frustrations over Office 365 disruptions, peaking at over 18,000 users.
Microsoft later confirmed that the disruption was widespread across most platforms, including Outlook, Microsoft Teams, SharePoint Online, and OneDrive for Business. Even the company's cloud computing platform, Azure experienced disruptions.
We're investigating an issue with accessing Outlook on the web. Further details can be found under EX571516 in the admin center.June 5, 2023
And now, according to a blog post by The Associated Press (AP), Microsoft narrowed down the issue to a Distributed Denial-of-Service (DDoS) attack.
Microsoft didn't disclose whether it has completely resolved the issues but went on to provide details revolving around the attack alongside ways through which users can avoid failing victims of such an attack again.
To this end, the company hasn't revealed the attack's impact. While speaking to The Associated Press, Jake Williams, a former National Security Agency offensive hacker, cited that it would be impossible to determine the magnitude of damage caused by the attack unless Microsoft reveals the data.
The tech giant believes that Storm-1359 is behind this particular attack. Though a group of attackers that refers to themselves as Anonymous Sudan took to their channel on Telegram to announce that they were behind the hit. The group further detailed that the outage lasted for at least an hour and thirty minutes.
The attackers' campaign mainly targeted Microsoft's OSI layer 7, designed to serve as a layer where apps like OneDrive and Outlook access network services.
Per Microsoft's report, the company believes that the hackers leveraged botnets and tools to deploy attacks on its services. The company believes that the attack was majorly focused on disruption and publicity rather than anything else.
