Microsoft recently was the victim of a massive DDoS (distributed denial of service) attack which led to large-scale outages across Microsoft 365 services like Outlook, Teams, and OneDrive. After resolving the issues and looking more closely into the matter, the company explained that the attackers targeted Layer 7 or L7 (Application layer) of the OSI, though it assured that no customer data was compromised:
Beginning in early June 2023, Microsoft identified surges in traffic against some services that temporarily impacted availability. Microsoft promptly opened an investigation and subsequently began tracking ongoing DDoS activity by the threat actor that Microsoft tracks as Storm-1359.
These attacks likely rely on access to multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools.
We have seen no evidence that customer data has been accessed or compromised.
This recent DDoS activity targeted layer 7 rather than layer 3 or 4.
Fast forward a couple of weeks, and Microsoft 365 services were once again affected today, though thankfully, the problem was resolved within a few hours. The details of the issue could be tracked under ID MO597504 in the Microsoft 365 admin center:
We determined that the mitigations have helped resolve the underlying issue and our telemetry has confirmed that the impact to accessing files is now resolved. Further details can be found under MO597504 in the admin center.
— Microsoft 365 Status (@MSFT365Status) June 20, 2023
According to the official Microsoft 365 status Twitter handle, the issue was only affecting users in Western Europe:
We're investigating an issue where some users in Western Europe are unable to access files within the Microsoft 365 Service. Further details can be found under MO597504 in the admin center.
— Microsoft 365 Status (@MSFT365Status) June 20, 2023
Some further investigation helped the company determine what seemed to be the root cause of the issue, which was a data center in Germany that was not performing optimally. As such, the tech giant applied the necessary mitigations by reducing the load on the affected center:
We’ve identified a datacenter in Germany is not performing at optimal performance thresholds. We’ve applied mitigations to reduce the load on the affected infrastructure and are seeing improvements in availability. Further details can be found under MO597504 in the admin center.
— Microsoft 365 Status (@MSFT365Status) June 20, 2023
We will update the article if for some reason the issue returns.
- Adenman and Karlston
-
2
Recommended Comments
There are no comments to display.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.