Microsoft says June Outlook outage was a DDoS attack

In early June, complaints began pouring in on Twitter that Outlook was down for more than 18,000 users after it turned out to be a Distributed Denial-of-Service (DDoS) attack, according to a story The Associated Press ,AP) today morning. Microsoft acknowledged the attack in a blog post On Friday, it offered some technical details and recommendations to guard against such attacks in the future.

AP The article states that a spokesperson (presumably for Microsoft, although this is not explicitly stated in the article) confirmed the group to be Anonymous Sudanese, a group that has been active since at least January, says an article in Is cybernews, who reported on the day of the attack. According to that article, the group claimed that its attack lasted for about an hour and a half before it was called off.

According to a former National Security Agency offending hacker named Jake Williams AP The story, “If Microsoft doesn’t provide that information, there’s no way to measure the impact,” and he didn’t know Outlook had hit him so hard before.

In 2021, Microsoft brought down one of the largest DDoS attacks ever recorded at the time, which lasted for more than 10 minutes with traffic at 2.4 Terabits per second (Tbps). In 2022, a Attack reached 3.47Tbps, It is unclear how large the traffic explosions were in the June attack.

DDoS Activity, Microsoft says in his blog post, target OSI layer 7 — that is, the layer of the network where applications access network services. This is where your apps, such as email, call for their data. Microsoft believes that the attacker, which it calls Storm-1359, used botnets and tools to launch its attacks “from multiple cloud services and open proxy infrastructure”, and it relies on disruption and propagation. appeared to be focused.

We’ve reached out to Microsoft for comment, and will update here if we hear back.