San Francisco, June 19 – Microsoft has announced that distributed denial-of-service (DDoS) attacks were the reason behind the services’ outages earlier this month.
“Beginning in early June, Microsoft identified surges in traffic against some services that temporarily impacted availability. Microsoft promptly opened an investigation and subsequently began tracking ongoing DDoS activity by the threat actor that Microsoft tracks asAStorm-1359,” the company said in a blogpost.
“These attacks likely rely on access to multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools.”
However, there is no proof that consumer data has been accessed or compromised.
Instead of layer 3 or 4, layer 7 was the target of this DDoS activity.
In order to better shield customers from the effects of such DDoS attacks, Microsoft strengthened layer 7 protections, including tuning Azure Web Application Firewall (WAF).
While the majority of interruptions can be mitigated effectively with the help of these tools and techniques, the tech giant continuously evaluates the performance of its hardening capabilities and incorporates learning to improve and refine them.
“Microsoft assessed that Storm-1359 has access to a collection of botnets and tools that could enable the threat actor to launch DDoS attacks from multiple cloud services and open proxy infrastructures. Storm-1359 appears to be focused on disruption and publicity,” the company said.