- By Ashish Singh
- Mon, 19 Jun 2023 12:26 PM (IST)
- Source:JND
Microsoft-owned Outlook experienced an outage previously, with as many as 18,000 individuals reporting it at its peak due to a Distributed Denial-of-Service (DDoS) attack. This happened after the business acknowledged the attack in a blog post that included technical specifics and tips for preventing similar attacks in the future.
The blog post makes no indication of whether things are under control, nor does it say whether the attack subsided on its own. Twitter, however, claims that the issue started on June 5 and was resolved the next day.
"Beginning in early June, Microsoft detected spikes in traffic against certain services, which temporarily impacted availability. Microsoft immediately launched an investigation and began tracking ongoing DDoS activity by the threat actor known as AStorm-1359," the company claimed in a blog post.
“These attacks are most likely based on access to many virtual private servers (VPS), as well as rented cloud infrastructure, open proxies, and DDoS tools,” it added. However, there is no proof that the client's information has been accessed or compromised. This DDoS attack didn't target layer 3 or layer 4, but layer 7.
What Security Measure Microsoft Took
Microsoft improved layer 7 defenses, including fine-tuning the Azure Web Application Firewall (WAF), to better protect customers from the effects of such DDoS attacks. Although most interruptions can be adequately managed with the use of these tools and approaches, the tech giant constantly assesses the effectiveness of its hardening capabilities and incorporates learning to improve and perfect them.
"Microsoft determined that Storm-1359 has access to a number of tools and botnets that could allow the threat actor to perform DDoS assaults from a number of open proxy infrastructures and cloud services. Storm-1359 seems to be focused on disruption and publicity," the company added in the blog post.