Microsoft Confirms DDoS Attack Behind Latest Microsoft 365 and Azure Outage
Published: Jul 31, 2024
Key Takeaways:
- Microsoft Azure experienced a major outage caused by a distributed denial-of-service (DDoS) attack, affecting several key services for nearly 10 hours.
- Impacted services included Microsoft 365 admin center, Entra, Intune, Power BI, and Power Platform.
- Microsoft’s initial defense mechanisms against the DDoS attack inadvertently amplified its impact, leading to significant disruptions.
Microsoft announced yesterday that its Azure cloud services experienced another major outage. The company confirmed that this widespread disruption was caused by a distributed denial-of-service (DDoS) attack.
According to Microsoft, customers began reporting issues around 5 AM PST, stating they couldn’t access several Microsoft 365 and Azure services. The company noted on its Azure Service status page that users may experience latency while performing actions or operations on the affected services.
This major Azure outage, which lasted nearly 10 hours, impacted the Microsoft 365 admin center, Entra, Intune, Power BI, and Power Platform. However, Microsoft clarified that some services, including Microsoft Teams, Exchange Online, SharePoint Online, and OneDrive for Business, were not affected.
What caused the Microsoft 365 and Azure outage?
Microsoft announced this morning that the recent Azure outage was initially caused by a distributed denial-of-service (DDoS) attack. A DDoS attack disrupts a server, service, or network by overwhelming it with excessive Internet traffic. Microsoft noticed a sudden spike in usage, which caused their Azure Front Door and Azure Content Delivery Network (CDN) services to underperform, leading to errors, timeouts, and delays for users.
It’s important to note that most companies have built-in mechanisms to protect against DDoS attacks. “While the initial trigger event was a Distributed Denial-of-Service (DDoS) attack… initial investigations suggest that an error in the implementation of our defenses amplified the impact of the attack rather than mitigating it,” Microsoft explained.
Last week, a faulty update for CrowdStrike’s Falcon Sensor security platform caused a global outage affecting millions of Windows PCs worldwide. This disruption affected payment systems, flight tracking, and other critical infrastructure. In response, Microsoft plans to bolster Windows security and resilience by limiting kernel-level access for third-party security solutions.