Microsoft Azure Outage Triggered by DDoS Attack, Confirms Tech Giant

A DDoS attack caused a nearly 10-hour Microsoft Azure outage on July 30, affecting Microsoft 365 services and Azure products worldwide.

Key Points
  • Microsoft Azure outage on July 30 was caused by a distributed denial of service (DDoS) attack.
  • The incident lasted nearly 10 hours, impacting services like Microsoft 365, Office, Outlook, and various Azure products.
  • The outage began at 11:45 UTC and was resolved by 19:43 UTC.
  • An error in Microsoft’s DDoS protection mechanisms amplified the attack’s impact.
  • The incident follows a recent CrowdStrike update issue that also affected Microsoft services.

Microsoft has confirmed that a distributed denial of service (DDoS) attack was the cause of the widespread Azure outage on July 30. The outage, which lasted nearly 10 hours, left users unable to access several Microsoft services, including popular Microsoft 365 products like Office and Outlook, as well as various Azure services.

The incident began around 11:45 UTC and was resolved by 19:43 UTC, according to Microsoft’s Azure status history page. During this period, a subset of customers experienced issues connecting to Microsoft services globally. The impacted services included Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy, the Azure portal itself, and a subset of Microsoft 365 and Microsoft Purview services.

Microsoft explained that the “initial trigger event” was a DDoS attack, where adversaries flooded services with excessive traffic, leading to service disruptions. The company described an “unexpected usage spike” that caused Azure Front Door and Azure Content Delivery Network components to perform below acceptable thresholds, resulting in intermittent errors, timeouts, and latency spikes.

Despite having DDoS protections in place, an error in the implementation of these defenses “amplified the impact of the attack rather than mitigating it,” Microsoft admitted. This incident is reminiscent of a recent issue involving CrowdStrike, where a software error in the protection mechanisms caused similar disruptions to Microsoft Windows machines.

Sean Wright, head of application security at Featurespace, commented on the incident, noting that although firms typically have protections against DDoS attacks, an error in the software meant to protect against such attacks caused the outage. “Similarly to the CrowdStrike issue a few weeks ago, it appears that an error occurred in the software that was used to protect against DDoS attacks,” Wright said.

As Microsoft continues to investigate and address the vulnerabilities exposed by this incident, the tech community remains vigilant about the robustness of cybersecurity measures in place to protect essential services from similar threats in the future.