In early June, several Microsoft services stopped working for a few hours due to technical problems. In reality, the tech giant has been the victim of a series of cyberattacks! Not very reassuring…
Remember the outage that affected Outlook, Teams, SharePoint Online, OneDrive and Azure in early June? For several hours, users of Microsoft services had great difficulty logging in, if not being able to log in at all. Enough to disrupt the work of millions of people around the world! Although the company initially mentioned technical problems, it finally admitted, in a statement published on June 16, having been the target of a series of denial of service (DDoS) attacks, which “temporarily impacted” many of its services. Apparently, the hackers mainly sought to block these and generate advertising. Like what, even the tech giant is not immune to cyberattacks! But what are the consequences for users?
Microsoft hack: a massive influx of requests
A denial of service attack consists in preventing, or at least restricting access to one or more Web services by flooding them with requests in order to saturate the company’s servers. In this way, it exhausts their resources so that they can no longer respond to access requests. To achieve this, Microsoft believes that the hackers used numerous virtual private servers (VPS, for Virtual Private Server), a cloud infrastructure rented for the occasion, open proxies and other tools intended for this type of attack. DDoS are not easy to repel, as it is difficult to distinguish between genuine traffic and that which is caused by attackers with the aim of destabilizing the service.
The cyberattack was carried out by a group of hackers named Anonymous Sudan, which has been active since last January. As reported Bleeping Computer, the organization has warned that it will go after companies, organizations and governments that oppose Sudan. In Microsoft’s case, she said it was a way to protest against US interference in Sudanese politics. However, some security researchers believe that this is just a cover and that Anonymous Sudan is actually linked to Russia. Indeed, the group recently announced that it was forming a “DARKNET Parliament” with Killnet and Revil, two other pro-Russian hacker organizations, and preparing an attack against the European bank transfer systems SEPA, IBAN, WIRE, SWIFT and WISE.
AT Currently, it is difficult to measure the exact impact of the operation, especially with the little information provided by Microsoft. However, the Redmond firm wants to be reassuring. “We found no evidence that customer data was accessed or compromised”she assures, before adding that “Microsoft has strengthened Layer 7 protections, including adjusting the Azure Web Application Firewall (WAF), to better protect customers from the impact of similar DDoS attacks.” The case is still ongoing.