Microsoft’s Services Disrupted by DDoS Attacks from Shadowy Hacktivist Group

  • Microsoft’s services including Outlook, OneDrive, and Azure cloud computing platform were disrupted in early June due to a series of DDoS attacks claimed by a group called Anonymous Sudan.
  • While Microsoft assures no customer data was compromised, the scale of the attack highlights the significance of DDoS threats and the necessity for enhanced security measures to protect essential services that millions rely on.

Microsoft Corporation’s essential services, including Outlook email and OneDrive file-sharing apps, along with its cloud computing platform, were disrupted by a series of distributed denial-of-service (DDoS) attacks, according to a recent statement by the tech giant. A group known as Anonymous Sudan claimed responsibility for the attacks through its Telegram social media channel.

Microsoft initially withheld the cause of the service disruptions, but finally confirmed in a blog post on Friday that the DDoS attacks by Anonymous Sudan were to blame. The company, however, has not disclosed how many customers were affected or whether the disruptions had a global impact.

DDoS attacks essentially involve overwhelming servers with an excess of traffic, causing them to become inaccessible to users. The post, which was rather slim on specifics, explained that the attacks were aimed at “disruption and publicity” and that the perpetrators likely employed rented cloud infrastructure and virtual private networks to orchestrate the attacks using botnets of zombie computers worldwide.

Notably, Microsoft has assured its users that there is no evidence of any customer data being accessed or compromised.

While DDoS attacks are generally a form of digital vandalism that doesn’t usually penetrate systems, the scale of the attacks and the choice of Microsoft, a critical player in global commerce, as the target raise concerns about the potential disruption to millions of users and businesses.

Speculation has arisen concerning Anonymous Sudan’s origins. While the group claims to be based in Sudan, Alexander Leslie, an analyst from cybersecurity firm Recorded Future, doubts the authenticity of this claim. He suggests that Anonymous Sudan may be closely aligned with pro-Kremlin groups, including Killnet, which has been associated with DDoS attacks on websites of Ukraine’s allies.

The attacks reportedly peaked on Monday, June 5, with 18,000 outage and problem reports logged on Downdetector shortly after 11 a.m. Eastern Time. Microsoft later acknowledged on Twitter that its services, including Outlook, Microsoft Teams, SharePoint Online, and OneDrive for Business, were affected. The attacks persisted through the week, impacting Microsoft’s Azure cloud computing platform until June 9.

It remains to be seen what steps Microsoft will take to bolster its defenses against future DDoS attacks and how this incident may shape the strategies employed by major tech companies in safeguarding their services against disruptions.