Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Microsoft Security

Microsoft Says Early June Disruptions To Outlook, Cloud Platform, Were Cyberattacks (apnews.com) 25

An anonymous reader shares a report: In early June, sporadic but serious service disruptions plagued Microsoft's flagship office suite -- including the Outlook email and OneDrive file-sharing apps -- and cloud computing platform. A shadowy hacktivist group claimed responsibility, saying it flooded the sites with junk traffic in distributed denial-of-service attacks. Initially reticent to name the cause, Microsoft has now disclosed that DDoS attacks by the murky upstart were indeed to blame.

But the software giant has offered few details -- and did not immediately comment on how many customers were affected and whether the impact was global. A spokeswoman confirmed that the group that calls itself Anonymous Sudan was behind the attacks. It claimed responsibility on its Telegram social media channel at the time. Some security researchers believe the group to be Russian. Microsoft's explanation in a blog post Friday evening followed a request by The Associated Press two days earlier. Slim on details, the post said the attacks "temporarily impacted availability" of some services. It said the attackers were focused on "disruption and publicity" and likely used rented cloud infrastructure and virtual private networks to bombard Microsoft servers from so-called botnets of zombie computers around the globe.

This discussion has been archived. No new comments can be posted.

Microsoft Says Early June Disruptions To Outlook, Cloud Platform, Were Cyberattacks

Comments Filter:
  • Microsoft's flagship office suite

    Do they have another (non-flagship) office suite?

  • The internet goes down: no more work, no more access to your files.
    The cloud provider gets hacked: no more work. no more access to your files.

    As opposed to running your software locally behind a simple but properly secured router - or, if you're very paranoid, air-gapped. What a concept eh?

    Quite frankly, I'm waiting for a major and very long disruption to mission-critical services like Office to occur, so the world finally wakes up to the insanity of SaaS. I think a major earthquake in a country like Indone

    • >As opposed to running your software locally behind a simple but properly secured router - or, if you're very paranoid, air-gapped. What a concept eh?

      So run without ANY DDoS or DoS mitigation?

      The real difference here is that you get caught up in a general attack on the SaaS provider vs you getting targeted directly or your ISP.

      • Re: (Score:2, Insightful)

        You know, it's a small wonder the computer world managed to survive as long as it did since the internet came about without the cloud...

        Also, people have a short memory: before the personal computer, software was run on mainframes. Mainframes were a centralized computer controlled by someone else: you accessed them with terminals, it was slow when it worked and you were SOL when it didn't, you paid through the nose for access to so-so services, and you had to deal with fatheads called "operators" when you h

        • >Everybody hated mainframes. When home computers became powerful enough to run software locally, it was so liberating!

          Leading to all sorts of Access and Excel "APPS" in the business with conflicting formulas and versions and completely different platforms in every department

          Really there is a spectrum of benefit from central to thick client to local apps.. There are benefits and flaws to all and sometimes a system works better in one or the other.

          What I can tell you is I would rather have "APP" level SaaS

          • What I'd rather have is software that belongs to me, running on hardware that belongs to me, with a set of features that won't change or disappear at the whim of the software vendor, that I pay for once and control forever, and is totally immune to the vagaries of the internet.

            When did the concept of owning stuff that performs forever exactly like the day you paid for it disappear?

            • It died when you need to comply with security requirements through the entire stack and keep them compatible and didn't have to worry about constant live cyber attack.

              IT standard for on prem what don't change anything let it rot for a few decades, everything worked over plain text local and didn't change.

              Say on the same OS..... Till it didn't work with old hardware any more.

              Stay on the current app, Holding BACK the OS and library's to keep it compatible.

              Don't update change the app, even if it is full of vul

    • Re: (Score:2, Redundant)

      by Tony Isaac ( 1301187 )

      If the internet goes down, you are hosed even if you do host all your servers on-site. Oh wait, you think it's a good idea to host your servers in an office closet? Not an ideal place to have the best connectivity. And what happens when your puny 1 Gbps connection gets DDOSed? Best of luck to you. Azure has such enormous bandwidth that it takes a major operation to take it down. And does your company have the brightest security team on staff? I'll bet they don't. You're lucky if your company even has "a guy

    • I think you are overlooking just how shoddy and haphazard the business world is. There is lots of shrieking and drama about deadlines, but if the deadlines are missed by hours, weeks or months, the businesses still lurch on in their inefficient corrupt dishonest way

  • by RitchCraft ( 6454710 ) on Monday June 19, 2023 @02:32PM (#63616076)

    Just another way of saying central point of failure. We'll never learn.

    • "Anonymous Sudan" has apparently mounted several attacks, mostly on targets in Australia. There are three reasons Anonymous Sudan is considered a cover name for a Russian group:
      - their targets tend to be ones which have raised the ire of the Russians (in Australia?).
      - DOS attacks like this cost money, not an incredible amount but more than a genuine Anonymous Sudan is likely to be able to throw away.
      - The victims have no idea they are about to be targeted until it happens, this is unusual for an informal g

    • by gweihir ( 88907 )

      Correction, _they_ will never learn.

  • Has this been under continuous attack? How can it still be so bad.

  • ... at the first sign of trouble. No surprise.

You know you've landed gear-up when it takes full power to taxi.

Working...