Microsoft Says June Disruptions Were Cyberattacks

In early June, sporadic but serious service disruptions plagued Microsoft’s flagship office suite — including the Outlook email and OneDrive file-sharing apps — and cloud computing platform, Frank Bajak reported for the Associated Press (AP).

Photo Insert: Microsoft said there was no evidence any customer data was accessed or compromised.

A shadowy hacktivist group claimed responsibility, saying it flooded the sites with junk traffic in distributed denial-of-service (DDoS) attacks.

Initially reticent to name the cause, Microsoft has now disclosed that DDoS attacks by the murky upstart were to blame. A spokeswoman said that the group that calls itself Anonymous Sudan was behind the attacks.

The post said the attacks “temporarily impacted availability” of some services. The attackers were focused on “disruption and publicity” and used rented cloud infrastructure and virtual private networks (VPNs) to bombard Microsoft servers from botnets of zombie computers.

Microsoft said there was no evidence any customer data was accessed or compromised.

While DDoS attacks are mainly a nuisance — making websites unreachable without penetrating them — security experts say they can disrupt the work of millions if they successfully interrupt the services of a software service giant like Microsoft on which so much global commerce depends.

“We really have no way to measure the impact if Microsoft doesn’t provide that info,” said Jake Williams, a prominent cybersecurity researcher and a former National Security Agency offensive hacker. Williams said he was not aware of Outlook previously being attacked at this scale.

WEEKLY FEATURE : MVP Group Keeps Lights On During Pandemic