Microsoft disclosed that recent outages to its 365 software suite services, including Outlook, Teams, and OneDrive, were caused by a distributed denial-of-service (DDoS) attack by a threat actor.
The company made an official statement on 16 June, revealing that they had detected a surge in traffic aimed at specific services, causing their temporary unavailability. According to Microsoft, the attackers likely employed a combination of tactics, including exploiting multiple virtual private servers (VPS), utilising rented cloud infrastructure, leveraging open proxies, and deploying DDoS tools. The company immediately began investigating the incident and has been actively monitoring ongoing DDoS activities, specifically those carried out by a group known as Storm-1359, also called Anonymous Sudan-a hacktivist organisation with pro-Russian affiliations.
Microsoft has not specified the number of affected customers and the global impact of the cyberattack. In response to a request from The Associated Press, Microsoft released the blog post, which also confirmed that no evidence suggests any unauthorised access or compromise of customer data in the wake of the recent cyberattacks. At the same time, experts warn that while DDoS attacks primarily disrupt services without infiltrating systems, their impact can be far-reaching, potentially disrupting the operations of millions of users when targeting a software service giant like Microsoft, upon which global commerce heavily relies.