Microsoft Azure confirms outage due to DDoS cyberattack
Microsoft Azure, 365 and Purview services were down for 8 hours
Welcome to the latest issue of The Breach Report, a cybersecurity newsletter from the creators of the Cybersecurity Careers Blog. Be sure to subscribe via email or RSS.
Microsoft suffered from a distributed denial of service (DDoS) cyberattack that resulted in outages across its Azure, Microsoft 365, and Microsoft Purview services.
Microsoft Azure, 365 and Purview service outage caused by DDoS cyberattack
If you tried to access Microsoft Azure, 365, or Purview services on Tuesday, you may have experienced the latest outage to hit these platforms. Microsoft confirmed that a distributed denial of service (DDoS) cyberattack led to an eight-hour outage on Tuesday, July 30, 2024. Abnormal traffic spikes and timeouts affected Azure global services such as Azure Front Door and Azure Content Delivery Network.
Microsoft is investigating the outage. It will conduct a preliminary review of the incident within 72 hours and a detailed review within two weeks to understand what went wrong and how to better mitigate future attacks.
The outage comes only days after a global IT outage affected Microsoft Windows endpoints running CrowdStrike Falcon, an endpoint detection and response (EDR) tool. The defective Falcon update caused a “blue screen of death” (BSOD) on all affected systems, rendering the devices useless until remediation could be applied.
🛠️ Our teams confirmed the issue with Azure Front Door impacting a subset of Microsoft services globally is fully mitigated. A detailed resolution statement can be found in the Azure status history page at azure.status.microsoft/status/history/ under tracking ID KTY1-HW8. We apologize for any… x.com/i/web/status/1…
— Azure Support (@AzureSupport)
11:37 AM • Jul 31, 2024
Microsoft’s response to DDoS may have made outage worse
Microsoft said once the Azure DDoS protection mechanisms were triggered, “initial investigations suggest that an error in the implementation of our defenses amplified the impact of the attack rather than mitigating it.”
Customer impact was first recorded at 11:45 UTC on July 30, and by 19:43 UTC, failure rates returned to pre-incident levels. Additional escalated incident response monitoring continued, and Microsoft declared the incident mitigated at 20:48 UTC.
Microsoft offers Azure Service Health alerts that trigger emails, SMS, push notifications, and webhooks.
Microsoft has not confirmed the origin of the attack or who is responsible at this time.
On the same day as the incident, Microsoft CEO Satya Nadella stated in an earnings call that “cybersecurity is a top priority for the company.”
Latest Cybersecurity News
What we’re reading across the wire about the latest cybersecurity hacks, breaches, industry news, and more.
New from our favorite blogs and journalists:
CrowdStrike CEO says 97% of Windows sensors restored in IT outage recovery effort (Cybersecurity Dive)
Some companies pay ransomware attackers multiple times, survey finds (Cybersecurity Dive)
Business interruption claims will drive insurance losses linked to CrowdStrike IT disruption (Cybersecurity Dive)
CrowdStrike Explains What Went Wrong Days After Global Tech Outage (The Wall Street Journal)
CrowdStrike Outage Puts Its Financial Reporting Under Scrutiny, Too (The Wall Street Journal)
Google Chrome Adds App-Bound Encryption to Protect Cookies from Malware (The Hacker News)
City of Columbus Says Data Compromised in Ransomware Attack (Security Week)
Exploited Vulnerability Could Impact 20k Internet-Exposed VMware ESXi Instances (Security Week)
Ransomware attack forces hundreds of small Indian banks offline, sources say (Reuters)
Today’s Cyber Wall of Shame
Microsoft Windows users right now. #crowdstrike #bsod
— Tommy (@tferris)
7:21 AM • Jul 19, 2024
Until next time…
Rob Waters
Founder
The Breach Report + Cybersecurity Careers Blog