[ad_1]
Microsoft has confirmed that the July 30 outage was caused by a distributed denial of service attack. consult It added that “errors in the implementation of defensive measures” during mitigation attempts had made the problem worse.
Azure cloud services were affected between approximately 11:45 UTC and 19:43 UTC after a flood of internet traffic. Redmond security experts said Azure Front Door and Azure Content Delivery Network components “performed below acceptable thresholds, resulting in intermittent errors, timeouts, and latency spikes.”
Microsoft DDoS protection mechanism However, a mistake in the implementation “amplified the impact of the attack rather than mitigated it.” The security team performed network configuration changes and failovers to alternative network paths to relieve pressure on primary systems.
Most of the impact was mitigated within two and a half hours, but additional work was required to restore availability to all users by 18:00 UTC. The incident was declared over at 20:48 UTC.
The responsible party for this DDoS attack has not yet been determined. However, the hacker group “SN_blackmeta” Claiming responsibilityMicrosoft said it will release preliminary post-incident review findings by the end of the week and a more in-depth review within 14 days.
“We have fully resolved the service disruption that some customers may have experienced on July 30,” a Microsoft spokesperson told TechRepublic in an email. For more details, visit Azure status Page.”
look: White hat hackers discover Microsoft leaking 38TB of internal data via Azure storage
The Azure outage affected a global audience, impacting a subset of customers trying to connect to Azure App Service, Application Insights, Azure IoT Central, Azure Log Search alerts, Azure Policy, the Azure portal itself, and Microsoft 365 and Microsoft Purview services.
A number of different organizations released statements on Tuesday notifying users that their services were disrupted by the Azure DDoS attack. These included Minecraft maker Mojang, GitHub CodeSpaces, DocuSign, Water Company, Courts and soccer club. Microsoft later Sorry for the inconvenience.
“Modern online services are built on layers of dependencies, and in quite a few of those service stacks you’ll find Microsoft services,” Stephen Robinson, senior threat intelligence analyst at security firm WithSecure, told TechRepublic in an emailed statement. One of the affected Microsoft services, Entra, is used to allow people to log into services and websites, and without it, users can’t log in.
“So while this disruption only lasted a short time and affected some services, the impact was still noticeable for many people.”
What is a Denial of Service Attack?
A denial of service (DoS) attack is an attack strategy in which a malicious actor attempts to prevent others from accessing a web server, web application, or cloud service by flooding it with service requests.
While DoS attacks are single-source in nature, distributed denial-of-service (DDoS) attacks use a large number of machines across different networks to disrupt a specific service provider; mitigating such attacks is more challenging because the attack comes from multiple sources.
DDoS attacks are on the rise
DDoS attacks are becoming more common. Cloudflare has recorded 20% year-on-year growth in the second quarter In 2024, after 50% growth in the first quarterThere are signs that the increase is related to geopolitics, with anti-DDoS service Stormwall noting that Relevance to election period and Attacks on Israel increase Since the escalation of the Gaza conflict.
look: New DDoS attack sets record: Google, AWS, and Cloudflare report HTTP/2 rapid reset zero-day attack
Major DDoS attacks affecting Microsoft services are rare, but not unheard of. A series of attacks against Azure and other online platforms were blamed on a group called Anonymous Sultandisrupting services such as Outlook and OneDrive.
Microsoft also reported DDoS attacks increase during the holiday season That year, the Raiders tried to take advantage of a smaller staff.
However, non-DDoS outages have plagued Microsoft this summer. On July 19, tens of thousands of users in the U.S. Unable to access Microsoft 365 services After an Azure configuration change. Just a few hours ago CrowdStrike Falcon Sensor Update Error Disrupted 8.5 million Windows devices worldwide.
[ad_2]
Source link
