In early June, complaints surfaced on Twitter that Outlook was down at the height of a distributed denial-of-service (DDoS) attack affecting up to 18,000 users, according to an article in The Associated Press This Morning (AP). Microsoft acknowledged the attack in a blog post on Friday, providing some technical details and recommendations for protecting against such attacks in the future.
The AP article said a spokeswoman (believed to be from Microsoft, although the article doesn’t specifically clarify this) confirmed that the group was Anonymous Sudan, a group that has been active since at least January it in an article in Cybernews reporting on the attack the day it happened. In that article, the group claimed their attack lasted about an hour and a half before ceasing.
According to a former National Security Agency offensive hacker named Jake Williams, who is quoted in the AP story, “there’s no way to measure the impact if Microsoft doesn’t provide this information,” and he didn’t realize Outlook was hit so hard became before.
In 2021, Microsoft repelled what was then the largest DDoS attack of all time, lasting more than 10 minutes and traffic peaking at 2.4 terabits per second (Tbps). In 2022, an attack reached 3.47 Tbps. It’s not clear how large the traffic outbreaks were in the June attack.
According to Microsoft in its blog post, the DDoS activity targeted OSI layer 7 – the layer of a network where applications access network services. Your apps, e.g. B. e-mails, their data. Microsoft believes the attackers, which it calls Storm-1359, used botnets and tools to launch their attacks “from multiple cloud services and open proxy infrastructures,” and they appear to have targeted disruption and advertising.
We’ve reached out to Microsoft for comment and will update it here when we receive a response.