Microsoft Points to DDoS Attack as Cause of Outage

Microsoft has confirmed a DDoS cyberattack aimed at its Azure platform led to a number of its services going down

Microsoft has confirmed that an outage affecting a number of its services was caused by a distributed denial of service (DDoS) cyberattack aimed at its Azure services.

The incident, which lasted 10 hours, affected several Microsoft services globally, including Microsoft 365 products such as Office and Outlook.

During this period, users experienced difficulties connecting to various Microsoft services.

Microsoft said it had implemented a fix for the problem which "shows improvement", and it would monitor the situation "to ensure full recovery."

This incident comes on the heels of a separate issue less than two weeks prior, where a CrowdStrike update caused Microsoft Windows machines to crash.

Anatomy of the attack

Microsoft described the initial trigger as an "unexpected usage spike" resulting from a DDoS attack. Such attacks overwhelm services with traffic, rendering them inoperable. 

Although Microsoft had DDoS protection mechanisms in place, an error occurred in the implementation of these defences.

DDoS attacks have seen an alarming resurgence of late.

Recent reports from cybersecurity firms Imperva, NETSCOUT, and F5 Labs have documented an alarming surge in the frequency of DDoS attacks.

F5 Labs' 2024 DDoS Attack Trends report recorded a 112% increase in such attacks from 2022 to 2023, while Imperva reported a 111% rise in the first half of 2024 compared to the same period in 2023.

Imperva's report noted a 519% increase in DDoS attacks targeting Ukraine, while F5 Labs observed significant spikes in DDoS activity in America, France, and the UK.

Implications for critical infrastructure

This attack, although largely resolved quickly, had key consequences for a number of enterprise customers who rely on Microsoft's systems.

Payment services MyAccount and PayNow had their services affected, and the British judicial system HM Courts and Tribunals Service had issues with multiple online services.

Due to worldwide issues with Microsoft Azure, a problem with our website is affecting several services including MyAccount and PayNow.

Thanks for bearing with us as we work through this issue with our IT providers and do keep an eye on our social channels for further updates. pic.twitter.com/O5pHoHURP4

— Cambridge Water 🚰 (@Cambswater) July 30, 2024

This attack is part of a broader trend of increasing DDoS attacks targeting critical infrastructure.

Critical infrastructure includes companies involved in elements of telecommunications, and these have been among the hardest hit by the DDoS surge.

Imperva reported a 548% rise in application layer DDoS attacks targeting the telecom and ISP sectors, while F5 Labs found a staggering 655% increase in DDoS incidents in this sector.

DDoS developments

Microsoft has committed to publishing a Preliminary Post Incident Review within 72 hours of the outage, promising more details on the incident and their response. 

"Clearly, the threat from DDoS attacks is constantly evolving," David Warburton, Director of F5 Labs, warns.

This transparency is crucial as Microsoft claimed, "while the initial trigger event was a DDoS attack, which activated our DDoS protection mechanisms, initial investigations suggest that an error in the implementation of our defences amplified the impact of the attack rather than mitigating it."

Understanding potential new points of entry can broaden the intelligence that cybersecurity professionals have to work with and can help curb this surge.

Cyber Magazine is a BizClik brand