Info Data Leak

Microsoft Suffers Major Global Outage Due to DDoS Attack

kukublanPH

Threat Actor: Unknown | DDoS attack
Victim: Microsoft | Microsoft
Price: Estimated impact of millions in lost revenue and service disruption
Exfiltrated Data Type: N/A

Key Points :

  • On July 30, 2024, Microsoft experienced a major global outage affecting Azure and Microsoft 365 services for nearly 10 hours.
  • The outage was triggered by a Distributed Denial-of-Service (DDoS) attack that overwhelmed Azure Front Door and the Azure Content Delivery Network.
  • Users faced difficulties accessing various services, including Azure App Services and Microsoft 365 products.
  • An error in Microsoft’s defense systems exacerbated the impact of the attack, rather than mitigating it.
  • Microsoft implemented network configuration changes and failovers to restore services, achieving full recovery by 20:48 UTC.

On July 30, 2024, Microsoft faced a major global outage that disrupted Azure cloud services and Microsoft 365 products for nearly 10 hours. The incident, which began around 11:45 UTC and was resolved by 19:43 UTC, was triggered by a Distributed Denial-of-Service (DDoS) attack. This attack led to a significant surge in usage, overwhelming Azure Front Door (AFD) components and the Azure Content Delivery Network (CDN), resulting in intermittent errors, timeouts, and latency issues.

During the outage, users faced difficulties accessing various Microsoft services, including Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy, the Azure portal, and several Microsoft 365 and Microsoft Purview services. Microsoft acknowledged that an error in their defense systems exacerbated the problem, stating, “While the initial trigger event was a Distributed Denial-of-Service (DDoS) attack, initial investigations suggest that an error in the implementation of our defenses amplified the impact of the attack rather than mitigating it.”

To address the outage, Microsoft implemented network configuration changes and failovers to alternative paths, which mitigated most of the issues by 14:10 UTC. However, some users continued to experience reduced availability until around 18:00 UTC. An updated mitigation strategy was then rolled out, first in Asia Pacific and Europe, and later in the Americas. By 19:43 UTC, failure rates returned to normal, and full recovery was confirmed by 20:48 UTC.

Source: https://kukublanph.data.blog/2024/07/31/microsoft-suffers-major-global-outage-due-to-ddos-attack/

Tags: IOT, IMPACT, CLOUD