Between June 5 and June 9, 2023, the sign-in pages and other parts of Outlook, OneDrive, Teams, and Azure were no longer available to millions of users around the world. Now we know why.
Microsoft invests $1 billion a year to protect, detect, and respond to cyberthreats in real time. However, the “early July” events were due to a distributed denial of service attack, also known by its acronym in English DDoS.
A Microsoft spokesperson has confirmed to the Associated Press that the group calling itself Anonymous Sudan is behind the attack. Some researchers, however, believe that this association is linked to the pro-Russian pro-Russian group KillNet. The latter, characterized by launching attacks against Ukraine's allies.
It is believed that the attackers had multiple virtual private servers and rented cloud infrastructure at their disposal. With these and other resources, they launched a huge number of requests to Microsoft servers to produce an HTTP flood attack, seeking to deplete the server's resources in such a way that it crashes and cannot respond to more access requests.