In the murky world of political and business propaganda, revealing bad news on Friday afternoon, when few media outlets are watching and audiences are low, is called “taking out the trash.” Microsoft appeared to do that last Friday.
A DDoS attack caused early June downtime of its 365 services and Azure Cloud site.
During the downtime, the software giant tweeted that its engineers were “reviewing our networking systems and recent updates in an effort to identify the underlying root cause of the issue.” Redmond reported a “anomaly with increased request rates” that affected Azure services.
Anonymous Sudan claimed responsibility for the June 6 Microsoft 365 disruptions.
Microsoft told the AP that Anonymous Sudan and DDoS caused the outages. The AP claims Microsoft’s post admits to bowing to Anonymous. “Beginning in early June 2023, Microsoft identified surges in traffic against some services that temporarily impacted availability,” Sudan said, without identifying the DDoS source. Microsoft immediately began tracking Storm-1359’s DDoS activity.
This DDoS attack targeted layer 7 instead of layers 3 or 4. “Microsoft hardened layer 7 protections and tuned Azure Web Application Firewall (WAF) to better protect customers from similar DDoS attacks,” the document adds.
Attacking Microsoft 365 accomplished both goals.
Microsoft appears to have tried to downplay Storm-1359 by writing a blog on its previous outages on the Friday before a long weekend and not naming an attacker.
A determined cyberattack damaged and degraded Microsoft’s signature cloud services. That’s a bad outcome for a software firm that boasts excellent security and encourages consumers to go cloud-first because of its cloud resilience. Microsoft said “no evidence that customer data has been accessed or compromised.”