DDoS attack causes outage of Microsoft 365 and Azure worldwide for nine hours

Between July 30 and 31, 2024, Microsoft 365 and Microsoft Azure , a cloud computing service, were unavailable for about nine hours worldwide. Microsoft announced that the outage was caused by a distributed denial of service (DDoS) attack.

Azure status history | Microsoft Azure
https://azure.status.microsoft/status/history/

Microsoft says massive Azure outage was caused by DDoS attack
https://www.bleepingcomputer.com/news/microsoft/microsoft-says-massive-azure-outage-was-caused-by-ddos-attack/

Microsoft 365 falsed due to Denial of Service attack | ZDNET
https://www.zdnet.com/article/microsoft-365-is-down-again/

CISA, FBI warn of potential DDoS attacks on 2024 elections
https://therecord.media/ddos-attacks-2024-election-fbi-cisa-warning

Between 11:45 and 19:43 on July 30, 2024 (UTC), there were problems connecting to some Microsoft services, including Microsoft 365 and Azure-related services, including Word, Excel, PowerPoint, and Outlook. In a statement released by Microsoft, the company explained that 'an unexpected surge in usage caused component performance to fall below acceptable thresholds, resulting in intermittent errors, timeouts, and spikes in latency.' However, some services, such as OneDrive for Business and Microsoft Teams, were not affected.

Microsoft acknowledged the outage on X (formerly Twitter) and said, 'Please refer to the Administration Center for more information.' However, according to the IT news site ZDNet, the Administration Center was also affected by the outage.

We're currently investigating access issues and degraded performance with multiple Microsoft 365 services and features. More information can be found under MO842351 in the admin center.

— Microsoft 365 Status (@MSFT365Status) July 30, 2024

In a statement about the cause of the trouble, Microsoft said, 'The initial triggering event was a DDoS attack, which activated our DDoS protection mechanisms, but initial investigations suggest that an error in the implementation of our defenses amplified rather than mitigated the impact of the attack.' As a result, everything was reported to have returned to normal in about nine hours, but Microsoft did not mention the threat actor that carried out the attack.

According to The Record From Recorded Future News, which deals with cybersecurity news, a pro-Russian group claims to have launched a DDoS attack on Microsoft. Kate Conley, a senior adviser at the U.S. Cybersecurity and Infrastructure Security Agency (CISA), said, 'DDoS attacks could cause some confusion or prevent the public from receiving timely information. It's important to talk about these potential issues now.'

🚨The outage from Microsoft yesterday was caused by @Sn_darkmeta . pic.twitter.com/JK1GBYenQa

— Dark Web Informer (@DarkWebInformer) July 31, 2024

'We are conducting a thorough internal investigation to understand the incident in more detail,' Microsoft said, and will provide a full report within 14 days.