Watch CBS News
By Elizabeth Napolitano
/ CBS/AP
Tens of thousands of Microsoft users reported serious service disruptions affecting the company’s flagship office suite products in early June, leaving them unable to access essential remote-work tools like Outlook email and One-Drive file-sharing apps.
The cause of the sporadic service disruptions, which Reuters reported lasted more than two hours, were initially unclear, according to the company’s tweets at the time. But now, the software company has identified a cause of the outages: a distributed denial-of-service (DDoS) attack executed by “Anonymous Sudan,” a cybercriminal group with alleged Russian ties.
Microsoft attributed the service outages during the week of June 5 to the cybercriminal group in a statement on its website Friday. Slim on details, the post said the attacks “temporarily impacted availability” of some services. The company also said the attackers were focused on “disruption and publicity” and likely used rented cloud infrastructure and virtual private networks to bombard Microsoft servers from so-called botnets of zombie computers around the globe.
The Microsoft post linked the attackers to a group known as “Storm-1359,” using a term it assigns to groups whose affiliation it has not yet established. However, a Microsoft representative told the Associated Press that the group dubbed Anonymous Sudan was behind the attacks.
Microsoft said there was no evidence any customer data was accessed or compromised. The company did not immediately respond to CBS MoneyWatch’s request for comment.
While DDoS attacks are mainly a nuisance, making websites unreachable without penetrating them, security experts say they can disrupt the work of millions of people if they successfully interrupt popular tech services.
“DDoS is significant in terms of consumer usage, [meaning] you can’t get into a website, but it’s not a sophisticated attack,” Gil Messing, chief of staff at software and security firm Check Point, told CBS MoneyWatch.
Since the attack, Microsoft has taken several steps to guard against future DDoS attacks, including “tuning” its Azure Web Application Firewall, which serves as a line of defense against potential attacks, the company said in its statement.
Microsoft will need such precautions to ward off future attackers, who may be emboldened by the success of Anonymous Sudan’s attack, Steven Adair, president of cybersecurity firm Volexity, told CBS MoneyWatch.
“It looks like [Anonymous Sudan’s] DDoS efforts were met with a small level of success and that has gained quite a bit of attention,” Adair said. “It could spawn copycat attempts, but we are hoping this is not the case.”
The Associated Press contributed reporting.
Elizabeth Napolitano is a freelance reporter at CBS MoneyWatch, where she covers business and technology news. She also writes for CoinDesk. Before joining CBS, she interned at NBC News’ BizTech Unit and worked on the Associated Press’ web scraping team.
First published on June 19, 2023 / 1:19 PM EDT
© 2023 CBS Interactive Inc. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed. The Associated Press contributed to this report.
Copyright ©2023 CBS Interactive Inc. All rights reserved.
Quotes delayed at least 15 minutes.
Market data provided by ICE Data Services. ICE Limitations. Powered and implemented by FactSet. News provided by The Associated Press. Legal Statement.
Leave a Reply