In early June, a large number of Microsoft users encountered significant problems with their access to essential remote-work tools like Outlook email and OneDrive file-sharing apps. Tens of thousands of users reported being unable to use these services. The disruptions lasted for more than two hours, causing inconvenience and hindering productivity for many individuals.
Initially, the cause of these service disruptions was unclear, as stated by Microsoft's tweets during that time. However, the software company has now identified the source of the outages. According to Microsoft, the disruptions were caused by a distributed denial-of-service (DDoS) attack carried out by a cybercriminal group called "Anonymous Sudan". This group is allegedly linked to Russia.
Microsoft officially acknowledged the involvement of the cybercriminal group in the service outages during the week of June 5. In a statement on its website, the company mentioned that the attacks had temporarily impacted the availability of some services. It is believed that the attackers focused on causing disruption and seeking publicity. They likely utilised rented cloud infrastructure and virtual private networks to launch their attack on Microsoft servers. The attackers employed botnets consisting of compromised computers worldwide.
While Microsoft's post referred to the attackers as "Storm-1359", which is a term used for unidentified groups, a Microsoft representative confirmed to the Associated Press that the group known as Anonymous Sudan was responsible for the attacks.
Fortunately, Microsoft stated that there is no evidence of any customer data being accessed or compromised as a result of the attacks unlike the attack on China and Singapore data centres that saw the exfiltration of thousands of customers' data. DDoS attacks are typically considered a nuisance as they render websites unreachable without actually breaking them. However, security experts warn that if successful, these attacks can disrupt the work of millions of people who rely on popular tech services.
Gil Messing, chief of staff at software and security firm Check Point, explained that while DDoS attacks are not sophisticated, they have a significant impact on consumer usage. He emphasised that such attacks prevent users from accessing websites and can cause inconvenience.
Following the attack, Microsoft implemented various measures to enhance protection against future DDoS attacks. This includes optimising its Azure Web Application Firewall, which serves as a defence against potential attacks, according to the company's statement.
Cybersecurity experts are now concerned that the success of the Anonymous Sudan attack may encourage other attackers to attempt similar actions. Steven Adair, president of cybersecurity firm Volexity, hopes that this will not be the case but warns that Microsoft needs to remain vigilant and prepared for potential copycat attempts. Check in for hide VPN service that will guarantee your online safety.