Microsoft’s latest outage caused by ‘DDoS attack’

Image credit: Sourced from Microsoft

Following a recent global outage, Microsoft 365 services once again experienced performance issues, with numerous users reporting disruptions in North America as well as in the UK, on Tuesday.

Reports of outages on Azure and Microsoft 365 began to surge shortly after 7 am in New York, reaching hundreds of complaints at the incident’s peak, according to user reports compiled by Downdetector. Microsoft announced that the issue was resolved by about 5 pm in New York.

The 365 status account on X acknowledged the issues, stating, “We’re currently investigating access issues and degraded performance with multiple Microsoft 365 services and features. More information can be found under MO842351 in the admin centre.”

We’re currently investigating access issues and degraded performance with multiple Microsoft 365 services and features. More information can be found under MO842351 in the admin centre.

— Microsoft 365 Status (@MSFT365Status) July 30, 2024

Microsoft later revealed that a distributed-denial-of-service (DDoS) cyberattack triggered the Azure cloud application outage. “While the initial trigger event was a Distributed Denial-of-Service (DDoS) attack… initial investigations suggest that an error in the implementation of our defences amplified the impact of the attack rather than mitigating it,” said an update on the website of the Microsoft Azure cloud computing platform.

The DDoS attack began early Tuesday, and an error in Microsoft’s automated protection mechanisms exacerbated the impact instead of mitigating it, according to a company status update.

The incident affected customers in multiple regions, including services running on Azure. For instance, mobile ordering at Starbucks in the US, was disabled for hours due to the issues affecting Azure, as per US media news reports.

Multiple services affected

Microsoft said it implemented mitigations and rerouted user requests to lessen the impact. The company is monitoring the service to ensure the issue is resolved and has directed users to their status page for updates.

The 365 Status account also noted, “We’re aware of issues with https://status.cloud.microsoft. Please view MO842351 in the admin center for more details about this incident.”

Azure Support addressed the issue on its X handle, indicating an ongoing investigation into problems affecting Azure services. “Thank you for your patience. We are currently investigating an issue impacting Azure Services. Our teams are actively working to resolve this as early as possible. Meanwhile, you can keep updated on our Status page here: https://msft.it/6010ljyLg. ^AD,” the post read.

An alert regarding “network infrastructure” appeared on Microsoft’s service status website, highlighting that Microsoft Azure access had been impacted. Azure’s cloud platform supports various services, and its disruption affected communication between applications, users, devices, and the internet.

The issue also impacted multiple Microsoft 365 services and features, Microsoft stated in a post on social network X. Microsoft 365 includes common productivity applications like Outlook, Word, and Excel.

We are investigating reports of issues connecting to Microsoft services. More details will be provided as they become available on the Azure status page at https://t.co/3dVusz9kWk.

— Azure Support (@AzureSupport) July 30, 2024

Denial-of-service attacks direct large volumes of internet traffic at a website to disrupt or shut it down. These incidents have become a persistent nuisance for financial institutions, causing intermittent downtime and forcing security teams to fend off the activity.

Microsoft-CrowdStrike outage

A previous major outage on July 19 had widespread effects, disrupting numerous sectors globally, including aviation, essential services and financial market operations. Issues were first identified in the US, followed by system failure across multiple countries, linked to failures in Microsoft services like Azure and 365.

Initial reports suggest 8.5 million devices were impacted in what is being called as the world’s “biggest IT fail.”

It was later discovered that an update from CrowdStrike’s Falcon Sensor threat-monitoring software caused crashes in Microsoft’s Windows operating system, leading to a global IT disruption that affected multiple businesses worldwide.

Read: Microsoft lays blame at CrowdStrike’s door for global outage