Microsoft recently suffered massive DDoS (distributed denial of service) attacks that led to large-scale outages in Microsoft 365 services such as Outlook, Teams and OneDrive.
After it was able to resolve the issues and looked into the matter more closely, the company said that the attackers were targeting Layer 7 or L7 (Application layer) of OSI, and assured that no customer data was compromised.
Beginning in early June 2023, Microsoft experienced spikes in traffic to some services that temporarily affected their availability. Microsoft immediately launched an investigation and began monitoring ongoing DDoS activity from a hacking group that Microsoft refers to as Storm-1359.
Anonymous Sudan what happened to the attack Microsoft received
These attacks likely use access to multiple virtual private servers (VPS), rented cloud infrastructure, open proxies, and DDoS tools.
After a few weeks, Microsoft 365 services were attacked again today, although the problem was resolved within hours. Details of the issue can be tracked under ID MO597504 in the Microsoft 365 admin center.
We determined that the mitigations have helped resolve the underlying issue and our telemetry has confirmed that the impact to accessing files is now resolved. Further details can be found under MO597504 in the admin center.
- Microsoft 365 Status (@ MSFT365Status) June 20, 2023
According to the official Microsoft 365 Twitter account, today's attack only affected users in Western Europe.
We're investigating an issue where some users in Western Europe are unable to access files within the Microsoft 365 Service. Further details can be found under MO597504 in the admin center.
- Microsoft 365 Status (@ MSFT365Status) June 20, 2023
Later today the company confirmed that the issues had been resolved after an extended monitoring period.
It remains to be seen if what the company says will last, or to put it another way, if the hackers also agree.