Microsoft: Outage was due to cyberattacks – Financial Post

Microsoft announced that the outages that affected some of its services in the earlier days of this month were the result of cyberattacks, but it claims that no evidence has been found of access to or breach of data of its users and customers.

“Beginning in early June 2023, Microsoft detected a spike in traffic to certain services that temporarily affected availability,” the company said. via blog post.

A court decision “freezes” the acquisition of Microsoft Activision

Microsoft said it launched an investigation and began monitoring DDoS activity from the threat actor referred to as Storm-1359 after the threat was identified.

It should be noted that DDoS attacks work by directing large amounts of internet traffic to target servers in a relatively simple attempt to take them down after they can no longer handle the volume of access requests.

The Microsoft 365 suite of software, including the Teams and Outlook apps, was down for more than two hours for more than a thousand users on June 5, and a brief outage was also seen the next morning, according to Reuters. This was Microsoft’s fourth such outage in a year.

It should be noted that sporadic outages affected both the Outlook email service and the OneDrive cloud storage service.

The perpetrators are unknown

It is still unknown if the company has identified the person responsible for the attack.

“We really have no way of measuring the impact if Microsoft doesn’t provide this information,” Jake Williams, a cybersecurity researcher and former hacker at the US National Security Agency, told Fortune. Williams indicated that he was not aware that Outlook had previously suffered an attack of this scale.

“We know that some resources were out of reach for some, but not for others. This often happens with DDoS for globally distributed systems,” Williams added. He said Microsoft’s apparent reluctance to provide an objective measure of customer impact “may say a lot”.

Microsoft called the attackers Storm-1359, using its specialty designation for groups whose identities have not yet been verified. Arresting people for cybercrime takes time – and even then it can be challenging if the adversary is experienced.