Microsoft Opens Up About the Real Cause of Azure and 365 Down
Morrissey Technology – Technology company Microsoft opened up about Microsoft 365 and Azure services being down for nine hours worldwide last Tuesday (30/7). It all turned out to be triggered by fake traffic or distributed denial-of-service (DDoS) cyber attacks.
The company based in Redmond, Washington DC, United States (US) said that it previously had a defense mechanism for DDoS attacks. However, from a temporary investigation into the DDoS defense that occurred this week, it actually strengthened the impact of the attack.
“Even though the initial trigger event was a Distributed Denial-of-Service (DDoS) attack, which activated our DDoS protection mechanisms,” said Microsoft’s official statement.
“Preliminary investigations indicate that errors in the implementation of our defenses amplified the impact of the attack rather than mitigating it.”
Microsoft’s security team is also working to understand DDoS, and mitigate its defenses.
“Once the nature of the usage spike was understood, we implemented network configuration changes to support our DDoS protection efforts, and failed over alternate network paths to provide relief,” the statement continued.
Previously the service outage due to the DDoS attack impacted Microsoft Entra, several Microsoft 365 and Microsoft Purview services (including Intune, Power BI, and Power Platform), as well as Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy , and the Microsoft Azure Portal.
Microsoft said it plans to release a Initial Post-incident Review (PIR) within 72 hours and a Final Post-incident Review within the next two weeks, with additional details and learnings from this week’s outage. So far, Microsoft has stated that there have been no specific threats made by the perpetrators regarding this DDoS attack.
If we look back, in June 2023, Microsoft also confirmed that an actor known as Anonymous Sudan alias Storm-1359 carried out a DDoS attack which resulted in the outage of Azure, Outlook and the OneDrive web portal.
Additionally, early last July, tens of thousands of Microsoft 365 customers were impacted by another widespread outage. At that time, Microsoft said this was due to changes to the Azure configuration. Other major outages also affected Microsoft 365 services in July 2022 following an incorrect Enterprise Configuration Service (ECS) deployment and in January 2023 following a Wide Area Network IP change.