Microsoft Reveals last night Disruption of Microsoft 365 and Azure Due to DDoS Attack
Brook.X
Last night, Microsoft's cloud computing service, Microsoft Azure, experienced another outage. Since many of Microsoft's services, especially Microsoft 365, operate on Microsoft Azure, the disruption affected various services of Microsoft 365, including OneDrive and Outlook, among others.
Microsoft later disclosed that the outage was caused by a combination of a DDoS (Distributed Denial of Service) attack and errors within the Microsoft cloud computing platform. The initiation of Azure's automatic protection mechanism in response to the DDoS attack not only failed to alleviate the issue but exacerbated the impact of the disruption.
Subsequently, several Microsoft online services encountered problems, including the Azure portal itself. The renowned coffee brand Starbucks, which utilizes Azure services, also experienced interruptions with its mobile ordering functionality for several hours.
In a status log, Microsoft stated that the incident was initially triggered by a DDoS attack. Microsoft then adjusted configurations within the network to mitigate the DDoS attack and initiate a failover. However, preliminary investigations indicated that the deployed mitigation measures amplified the impact of the attack.
DDoS attacks involve overwhelming a target server with massive requests from a large number of compromised networks. Hackers can also exploit certain vulnerabilities in the TCP protocol to amplify their attacks.
Under normal circumstances, small-scale DDoS attacks would not impact Azure, as cloud platforms like Azure face billions of attacks daily, most of which are mitigated. It was unexpected that an update deployed by Microsoft itself this time exacerbated the issue.
Currently, Microsoft has not disclosed detailed information about the incident. The company has committed to publishing a preliminary incident review within approximately 72 hours and an internal review within about 14 days, followed by a public disclosure of the complete details of the event.
Publishing detailed information will not only help maintain the transparency of Azure and boost customer confidence but also assist Microsoft in conducting a thorough investigation of the issue, learning from the experience to more effectively handle such problems in the future.
