Microsoft has revealed that the mass outages that impacted many of its services at the beginning of June were caused by DDoS attacks orchestrated by a threat actor.
The company’s email platform Outlook, as well as its business communications platform Microsoft Teams, were among the services affected during the incident.
With data breaches and other types of cyber-attacks on the rise, it’s important to utilize cybersecurity tools to bolster your defenses wherever possible. VPNs, which hide user IP addresses, make it harder for criminals to conduct DDoS attacks.
Microsoft Experiences Outages on Multiple Services
Reuters reports that on June 5th, a number of services within Microsoft’s 365 suite were down for more than two hours. Microsoft Outlook and Microsoft Teams were among the programs affected by the attack, as were Word and Excel.
OneDrive was also down for some time on June 8th while cloud computing platform Azure suffered outages on June 9th, according to Bleeping Computer.
Microsoft is tracking the threat as “Storm-1359”, but responsibility for the attack was claimed at the time on messaging app Telegram by a hacking group known as “Anonymous Sudan”.
Anonymous Sudan Strike Again
Anonymous Sudan has been active since at least January of this year, and has targeted multiple organizations operating in Sweden and Denmark, Radware says.
Multiple sources consider the group to be largely religiously and politically motivated, but CNBC reports that some sources believe the group is in fact Russian.
Anonymous Sudan is reportedly part of a “Darknet Parliament” consisting of multiple threat groups, the existence of which was revealed in a Telegram post by fellow pro-Russian threat actors KillNet last week.
What are DDoS Attacks?
DDoS (Distributed Denial of Service) attacks are a subcategory of cyberattacks that focus on overwhelming a target server or organization with a surge of traffic, resulting in it shutting down completely.
Typically, a hacker will use a network of bots or other resources to orchestrate this kind of attack, and large-scale DDoS attacks powerful enough to shut down services like Microsoft Outlook require a huge amount of resources.
As Microsoft says in a blog post discussing the incident, attacks like this “likely rely on access to multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools.”
The main goal of DDoS attacks is to disrupt services and make a target company or individual invest time, resources, and money into getting their site back online. However, they’ve also been observed to be a decoy for other cyber attacks.
VPNs like Surfshark securely mask their users’ IP addresses, which makes it a lot harder for hackers to orchestrate DDoS attacks. It’s crucial you’re investing in relevant cybersecurity tools to keep yourself – and your business – safe from these kind of threats.