Earlier this month, Microsoft’s various cloud services including Azure, Outlook, and Teams experienced service outages that affected millions of users. Microsoft acknowledged the disruptions of service on Monday, June 5, and attacks continued throughout the week.
The company finally explained what happened in blog post that was quietly published on Friday. And as it turns out, the company was the victim of a cyberattack from a group the company named “Storm-1359.”
Sign up for our new free newsletter to get three time-saving tips each Friday — and get free copies of Paul Thurrott's Windows 11 and Windows 10 Field Guides (normally $9.99) as a special welcome gift!
"*" indicates required fields
“Microsoft assessed that Storm-1359 has access to a collection of botnets and tools that could enable the threat actor to launch DDoS attacks from multiple cloud services and open proxy infrastructures. Storm-1359 appears to be focused on disruption and publicity,” the company explained.
A distributed denial-of-service (DDoS) attack is a type of cyberattack that aims to disrupt a service by overwhelming it with an unexpected amount of traffic. The consequences can be serious when the target is a company like Microsoft that runs cloud services millions of customers rely on every day.
Microsoft said that it has no evidence that any customer data has been accessed or compromised by this attack group. In response to these coordinated DDoS attacks, Microsoft also said that it has updated its Azure Web Application Firewall (WAF) to better protect its customers in the future. “Microsoft consistently reviews the performance of its hardening capabilities and incorporates learnings into refining and improving their effectiveness,” the software giant also said.