UNITED STATES NEWS

Microsoft says early June disruptions to Outlook, cloud platform, were cyberattacks

Jun 19, 2023, 10:30 AM

(Photo by Steffen Trumpf/Getty Images)...

(Photo by Steffen Trumpf/Getty Images)

(Photo by Steffen Trumpf/Getty Images)

BOSTON (AP) — In early June, sporadic but serious service disruptions plagued Microsoft’s flagship office suite — including the Outlook email and OneDrive file-sharing apps — and cloud computing platform. A shadowy hacktivist group claimed responsibility, saying it flooded the sites with junk traffic in distributed denial-of-service attacks.

Initially reticent to name the cause, Microsoft has now disclosed that DDoS attacks by the murky upstart were indeed to blame.

But the software giant has offered few details — and did not immediately comment on how many customers were affected and whether the impact was global. A spokeswoman confirmed that the group that calls itself Anonymous Sudan was behind the attacks. It claimed responsibility on its Telegram social media channel at the time. Some security researchers believe the group to be Russian.

Microsoft’s explanation in a blog post Friday evening followed a request by The Associated Press two days earlier. Slim on details, the post said the attacks “temporarily impacted availability” of some services. It said the attackers were focused on “disruption and publicity” and likely used rented cloud infrastructure and virtual private networks to bombard Microsoft servers from so-called botnets of zombie computers around the globe.

Microsoft said there was no evidence any customer data was accessed or compromised.

While DDoS attacks are mainly a nuisance — making websites unreachable without penetrating them — security experts say they can disrupt the work of millions if they successfully interrupt the services of a software service giant like Microsoft on which so much global commerce depends.

It’s not clear if that’s what happened here.

“We really have no way to measure the impact if Microsoft doesn’t provide that info,” said Jake Williams, a prominent cybersecurity researcher and a former National Security Agency offensive hacker. Williams said he was not aware of Outlook previously being attacked at this scale.

“We know some resources were inaccessible for some, but not others. This often happens with DDoS of globally distributed systems,” Williams added. He said Microsoft’s apparent unwillingness to provide an objective measure of customer impact “probably speaks to the magnitude.”

Microsoft dubbed the attackers Storm-1359, using a designator it assigns to groups whose affiliation it has not yet established. Cybersecurity sleuthing tends to take time — and even then can be a challenge if the adversary is skilled.

Pro-Russian hacking groups including Killnet — which the cybersecurity firm Mandiant says is Kremlin-affiliated — have been bombarding government and other websites of Ukraine’s allies with DDoS attacks. In October, some U.S. airport sites were hit. Analyst Alexander Leslie of the cybersecurity firm Recorded Future said it’s unlikely Anonymous Sudan is located as it claims in Sudan, an African country. The group works closely with Killnet and other pro-Kremlin groups to spread pro-Russian propaganda and disinformation, he said.

Edward Amoroso, NYU professor and CEO of TAG Cyber, said the Microsoft incident highlights how DDoS attacks remain “a significant risk that we all just agree to avoid talking about. It’s not controversial to call this an unsolved problem.”

He said Microsoft’s difficulties fending of this particular attack suggest “a single point of failure.” The best defense against these attacks is to distribute a service massively, on a content distribution network for example.

Indeed, the techniques the attackers used are not old, said U.K. security researcher Kevin Beaumont. “One dates back to 2009,” he said.

Serious impacts from the Microsoft 365 office suite interruptions were reported on Monday June 5, peaking at 18,000 outage and problem reports on the tracker Downdetector shortly after 11 a.m. Eastern time.

On Twitter that day, Microsoft said Outlook, Microsoft Teams, SharePoint Online and OneDrive for Business were affected.

Attacks continued through the week, with Microsoft confirming on June 9 that its Azure cloud computing platform had been affected.

On June 8, the computer security news site BleepingComputer.com reported that cloud-based OneDrive file-hosting was down globally for a time.

Microsoft said at the time that desktop OneDrive clients were not affected, BleepingComputer reported.

United States News

Associated Press

New York’s ‘equal rights’ constitutional amendment restored to ballot by appeals court

ALBANY, N.Y. (AP) — A proposed amendment to New York’s constitution barring discrimination based on “gender identity” and “pregnancy outcomes” was restored to the November election ballot Tuesday by a state appeals court. In a short decision, a panel of midlevel appellate judges overturned a May decision by an upstate judge to strike the proposed […]

50 seconds ago

Associated Press

Texas megachurch pastor resigns after woman says he sexually abused her in the 1980s

DALLAS (AP) — The pastor of a Texas megachurch has resigned after a woman said he had sexually abused her on multiple occasions in the 1980s, beginning when she was 12. Gateway Church’s board of elders said in a statement Tuesday that they’d accepted the resignation of Robert Morris, the church’s senior pastor and founder. […]

17 minutes ago

Associated Press

Trump declares ‘I love Milwaukee’ after reportedly using the word ‘horrible’ for the RNC host city

RACINE, Wisconsin (AP) — Former President Donald Trump on Tuesday repeatedly praised Milwaukee just weeks before it hosts the Republican National Convention, playing cleanup after he reportedly used the word “horrible” in talking about swing-state Wisconsin’s largest city. “I love Milwaukee,” Trump told the crowd in nearby Racine, Wisconsin. He was reported to have used […]

59 minutes ago

Associated Press

Man who followed woman into her NYC apartment and stabbed her to death pleads guilty to murder

NEW YORK (AP) — A man pleaded guilty to murder on Tuesday for stabbing a woman to death after following her from the street into her lower Manhattan apartment building. Assamad Nash, 27, also pleaded guilty to burglary as a sexually motivated felony in the Feb. 13, 2022, attack on 35-year-old Christina Yuna Lee. “Today […]

3 hours ago

Associated Press

Vermont lawmaker apologizes for repeatedly pouring water in her colleague’s bag

MONTPELIER, Vt. (AP) — A Republican state lawmaker from Vermont has apologized for repeatedly pouring water into a Democratic colleague’s bag, after he caught her doing it on video. State Rep. Mary Morrissey publicly apologized to state Rep. Jim Carroll, colleagues and the citizens of Vermont from the House floor on Monday. Both are from […]

3 hours ago

Associated Press

Google to invest another $2.3 billion into Ohio data centers

COLUMBUS, Ohio (AP) — Google will invest an additional $2.3 billion to support three data center campuses in central Ohio, the company announced Tuesday. The tech giant has centers in New Albany and Lancaster and one under construction in Columbus to help power its services such as search, Gmail, maps, cloud and YouTube for users […]

3 hours ago

Sponsored Articles

...

Collins Comfort Masters

Here’s how to be worry-free when your A/C goes out in the middle of summer

PHOENIX -- As Arizona approaches another hot summer, Phoenix residents are likely to spend more time indoors.

...

Day & Night Air Conditioning, Heating and Plumbing

Beat the heat, ensure your AC unit is summer-ready

With temperatures starting to rise across the Valley, now is a great time to be sure your AC unit is ready to withstand the sweltering summer heat.

...

Collins Comfort Masters

Here’s 1 way to ensure your family is drinking safe water

Water is maybe one of the most important resources in our lives, and especially if you have kids, you want them to have access to safe water.

Microsoft says early June disruptions to Outlook, cloud platform, were cyberattacks