Microsoft confirmed it was hit by a DDoS attack

Microsoft confirmed that a nearly 10-hour service interruption that prevented users from accessing some Microsoft services on July 30 was due to a denial of service (DDoS) attack.

Microsoft announced that the incident started at about 6:45 p.m. on July 30, affecting services including Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy and a small part of Microsoft 365 and Microsoft services. Microsoft Purview. At about 2:43 a.m. on July 31, the incident was resolved.

Microsoft confirmed it was hit by a DDoS attack Picture 1

According to media, this incident has impacted water suppliers, courts, banks and many other organizations.

Microsoft confirmed that initially, the company experienced an unexpected spike in usage, causing Azure Front Door and Azure Content Delivery Network to operate below acceptable thresholds, thereby causing latency, errors and outage issues. waiting time.

The investigation results showed that the DDoS attack triggered the protection mechanism, but instead of mitigating, the impact was amplified due to implementation errors in the defense systems. Thus, the Azure incident occurred right in the software used to protect the system against DDoS attacks, similar to the CrowdStrike incident. This once again shows the importance of thorough software testing.

Microsoft will publish a preliminary assessment within 72 hours to share more details about the incident and confirm that lessons will be learned.

Isabella Humphrey

Update 02 August 2024