Microsoft announced that it experienced DDoS attacks on its popular services in the past weeks. The company stated that the disruptions in June affecting Azure, Outlook, and Teams were due to cyber attacks. Microsoft’s defense against the attacks took approximately 15 hours.
Microsoft says June outages were a DDoS attack
In a blog post by Microsoft, the details of the attack were discussed. The tech giant detected a significant increase in traffic on certain services, which was identified as a DDoS attack. The investigation revealed that no customer data had been accessed.
However, Microsoft did not share further details, so it is currently unknown whether the attack was global or how many customers were affected. In terms of security, the protections of Azure Web Application Firewall (WAF) were strengthened.
Microsoft identified the group responsible for the attack as “Storm-1359.” This group used a combination of tools to launch the attack on Microsoft’s servers. Tactics employed included generating high-volume SSL/TLS and HTTP(S) requests.
According to the company’s statement, the attacking group sent “millions of requests” from various IP addresses worldwide to stress the servers of tools like Outlook and Teams. Microsoft knows that botnets were used during the attack, and it was primarily orchestrated by the Russian-based Killnet.
Furthermore, there was a significant security vulnerability discovered in Edge recently. The browser’s internal image enhancement technology is used to improve the clarity, sharpness, colorization, and contrast of images on websites. However, it was reported that this technology posed a threat to user privacy in the background.