DDoS cyberattack affects several Microsoft services

30/07/2024

Microsoft has reported, via its Azure post-incident review page (ID: KTY1-HW8), an incident handled on 30 July that affected the connection quality of several customers trying to access Microsoft services using Azure Front Door (AFD) and Azure Content Delivery Network (CDN).

Analysis of the incident revealed that the source of the incident was a distributed denial of service (DDoS) attack, which affected several of the company's services, including Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy, the Azure portal itself, as well as a subset of Microsoft 365 and Microsoft Purview services.

Furthermore, in the incident report, Microsoft acknowledges that an error in the implementation of Azure's defensive anti-DDoS measures amplified the impact of the attack, rather than reducing it.

References

30/07/2024

x.com

Comunicado oficial Microsoft 365 Status
30/07/2024

azure.status.microsoft

Preliminary Post Incident Review (PIR) – Azure Front Door – Connectivity issues in multiple regions (Tracking ID: KTY1-HW8)
31/07/2024

forbes.com

Microsoft Confirms New Outage Was Triggered By Cyberattack
31/07/2024

helpnetsecurity.com

Microsoft: DDoS defense error amplified attack on Azure, leading to outage
31/07/2024

securityweek.com

Microsoft Says Azure Outage Caused by DDoS Attack Response
01/08/2024

elespanol.com

Hackeo contra Microsoft: un ataque DDoS vuelve a provocar fuertes caídas en Microsoft 365 y Azure en todo el mundo

Etiquetas