Microsoft has confirmed that the service outages for Outlook, OneDrive, and different Microsoft 365 providers on June 5 have been attributable to a malicious assault. Hackers flooded Microsoft’s servers with denial-of-service (DDoS) assaults and introduced them to their overload restrict. The site visitors despatched to the servers elevated so massively because of the DDOS assaults that they might not course of the requests, bringing Microsoft’s providers to their knees.

This meant Microsoft prospects may not retrieve or write new emails in Outlook. Communication through Teams was additionally disrupted and calendars not synchronized. The OneDrive internet portal went down and numerous Azure providers have been not obtainable.

Microsoft writes:

“Beginning in early June 2023, Microsoft identified surges in traffic against some services that temporarily impacted availability. Microsoft promptly opened an investigation and subsequently began tracking ongoing DDoS activity by the threat actor that Microsoft tracks as Storm-1359.

These attacks likely rely on access to multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools.”

Customer information needs to be protected

The most vital assertion comes within the subsequent sentence of Microsoft’s disclosure: “We have seen no evidence that customer data has been accessed or compromised.”

The hackers used a so-called “Layer 7 DDoS” assault. In a DDoS assault on layer 7, attackers act on the appliance degree and ship such a lot of requests to the focused on-line providers that they’ll not course of the requests and are available to a standstill. The hackers used three several types of Layer 7 DDoS assaults to batter Microsoft providers.

Alleged Sudanese hacker group

As talked about above, Microsoft recognized the hacker group Storm-1359 because the originator of the assaults. This group additionally refers to itself as “Anonymous Sudan.” The group had declared that it might perform assaults in opposition to any nation that opposed Sudan. This hacker group has been recognized since January 2023, Bleeping Computer writes. Anonymous Sudan has already attacked numerous organizations and authorities establishments across the globe, forcing them offline and even stealing information.

Sudan is at present within the throes of a bloody civil struggle. There are additionally suspicions that Russia may have sturdy ties to Anonymous Sudan, nonetheless.