Microsoft Says Early June Disruptions To Outlook, Cloud Platform, Were Cyberattacks (apnews.com) 25
An anonymous reader shares a report: In early June, sporadic but serious service disruptions plagued Microsoft's flagship office suite -- including the Outlook email and OneDrive file-sharing apps -- and cloud computing platform. A shadowy hacktivist group claimed responsibility, saying it flooded the sites with junk traffic in distributed denial-of-service attacks. Initially reticent to name the cause, Microsoft has now disclosed that DDoS attacks by the murky upstart were indeed to blame.
But the software giant has offered few details -- and did not immediately comment on how many customers were affected and whether the impact was global. A spokeswoman confirmed that the group that calls itself Anonymous Sudan was behind the attacks. It claimed responsibility on its Telegram social media channel at the time. Some security researchers believe the group to be Russian. Microsoft's explanation in a blog post Friday evening followed a request by The Associated Press two days earlier. Slim on details, the post said the attacks "temporarily impacted availability" of some services. It said the attackers were focused on "disruption and publicity" and likely used rented cloud infrastructure and virtual private networks to bombard Microsoft servers from so-called botnets of zombie computers around the globe.
But the software giant has offered few details -- and did not immediately comment on how many customers were affected and whether the impact was global. A spokeswoman confirmed that the group that calls itself Anonymous Sudan was behind the attacks. It claimed responsibility on its Telegram social media channel at the time. Some security researchers believe the group to be Russian. Microsoft's explanation in a blog post Friday evening followed a request by The Associated Press two days earlier. Slim on details, the post said the attacks "temporarily impacted availability" of some services. It said the attackers were focused on "disruption and publicity" and likely used rented cloud infrastructure and virtual private networks to bombard Microsoft servers from so-called botnets of zombie computers around the globe.
Not to be picky, but ... (Score:2, Funny)
Microsoft's flagship office suite
Do they have another (non-flagship) office suite?
Re: (Score:3)
Wordpad?
Re: (Score:2)
Wordpad?
Not sure that classifies as an "office suite". :-)
Re: (Score:2)
Re: (Score:2)
wordpad, notepad, technically nano inside ubuntu for windows...
Not sure those classify as "office suites". :-)
Re: (Score:1)
wordpad, notepad, technically nano inside ubuntu for windows...
Not sure those classify as "office suites". :-)
They can edit plaintext, csv and markdown! ;-)
Re: (Score:2)
They used to:
https://en.wikipedia.org/wiki/... [wikipedia.org]
Re: (Score:1)
Ya works, used to be the pack in with new PCs and what you used outside of work for years before getting a pirated copy off office ;)
Re: (Score:2)
Do they have another (non-flagship) office suite?
I believe MIcrosoft Works is still a thing. It's just an all-in-one office suite rather than a collection of office programs.
Re: (Score:2)
Microsoft Says Early June Disruptions To Outlook, Cloud Platform, Were Cyberattacks
And what is it the rest of the year?
And that's why the cloud sucks (Score:1)
The internet goes down: no more work, no more access to your files.
The cloud provider gets hacked: no more work. no more access to your files.
As opposed to running your software locally behind a simple but properly secured router - or, if you're very paranoid, air-gapped. What a concept eh?
Quite frankly, I'm waiting for a major and very long disruption to mission-critical services like Office to occur, so the world finally wakes up to the insanity of SaaS. I think a major earthquake in a country like Indone
Re: (Score:3)
>As opposed to running your software locally behind a simple but properly secured router - or, if you're very paranoid, air-gapped. What a concept eh?
So run without ANY DDoS or DoS mitigation?
The real difference here is that you get caught up in a general attack on the SaaS provider vs you getting targeted directly or your ISP.
Re: (Score:2, Insightful)
You know, it's a small wonder the computer world managed to survive as long as it did since the internet came about without the cloud...
Also, people have a short memory: before the personal computer, software was run on mainframes. Mainframes were a centralized computer controlled by someone else: you accessed them with terminals, it was slow when it worked and you were SOL when it didn't, you paid through the nose for access to so-so services, and you had to deal with fatheads called "operators" when you h
Re: (Score:3)
>Everybody hated mainframes. When home computers became powerful enough to run software locally, it was so liberating!
Leading to all sorts of Access and Excel "APPS" in the business with conflicting formulas and versions and completely different platforms in every department
Really there is a spectrum of benefit from central to thick client to local apps.. There are benefits and flaws to all and sometimes a system works better in one or the other.
What I can tell you is I would rather have "APP" level SaaS
Re: (Score:2)
What I'd rather have is software that belongs to me, running on hardware that belongs to me, with a set of features that won't change or disappear at the whim of the software vendor, that I pay for once and control forever, and is totally immune to the vagaries of the internet.
When did the concept of owning stuff that performs forever exactly like the day you paid for it disappear?
Re: (Score:3)
It died when you need to comply with security requirements through the entire stack and keep them compatible and didn't have to worry about constant live cyber attack.
IT standard for on prem what don't change anything let it rot for a few decades, everything worked over plain text local and didn't change.
Say on the same OS..... Till it didn't work with old hardware any more.
Stay on the current app, Holding BACK the OS and library's to keep it compatible.
Don't update change the app, even if it is full of vul
Re: (Score:2, Redundant)
If the internet goes down, you are hosed even if you do host all your servers on-site. Oh wait, you think it's a good idea to host your servers in an office closet? Not an ideal place to have the best connectivity. And what happens when your puny 1 Gbps connection gets DDOSed? Best of luck to you. Azure has such enormous bandwidth that it takes a major operation to take it down. And does your company have the brightest security team on staff? I'll bet they don't. You're lucky if your company even has "a guy
Re: And that's why the cloud sucks (Score:2)
I think you are overlooking just how shoddy and haphazard the business world is. There is lots of shrieking and drama about deadlines, but if the deadlines are missed by hours, weeks or months, the businesses still lurch on in their inefficient corrupt dishonest way
SaaS (Score:3)
Just another way of saying central point of failure. We'll never learn.
Re: (Score:3)
"Anonymous Sudan" has apparently mounted several attacks, mostly on targets in Australia. There are three reasons Anonymous Sudan is considered a cover name for a Russian group:
- their targets tend to be ones which have raised the ire of the Russians (in Australia?).
- DOS attacks like this cost money, not an incredible amount but more than a genuine Anonymous Sudan is likely to be able to throw away.
- The victims have no idea they are about to be targeted until it happens, this is unusual for an informal g
Re: (Score:2)
Correction, _they_ will never learn.
Outlook Search (Score:2)
Has this been under continuous attack? How can it still be so bad.
Ah, so their pathetic products collapsed... (Score:2)
... at the first sign of trouble. No surprise.