Cyber attack triggered Microsoft outage in UK and Europe less than a fortnight after CrowdStrike disaster
Microsoft 365, Xbox Live, and Microsoft Teams were all disrupted in the Azure outage
Criminals sabotaged Microsoft's Azure service — a vast cloud computing network that competes with Amazon Web Services and powers some of the biggest websites, applications, and online services currently available — to disrupt Outlook, Xbox Live, Microsoft Teams, and others yesterday.
Hundreds of Microsoft 365 users have complained about issues with the cloud-based productivity software, which is available to individuals and businesses with a monthly subscription
Following an investigation into the problems, which started mid-afternoon on July 30, Microsoft has revealed that the service outage, which affected some of its apps and features, was sparked by an attempted cyber-attack. Hackers used a distributed denial-of-service (DDoS) attack, where bad actors knock a platform offline by flooding it with so much traffic that it can no longer cope, to take parts of Azure offline.
At the time, Microsoft said that it was struggling with "degraded performance" and "access issues" across a range of its cloud-based services, including Microsoft 365, which provides access to immensely popular applications like Microsoft Word, Excel, and PowerPoint from any web browser, as well as Outlook.
Individuals and businesses who rely on Microsoft Teams as well as players of the popular video game Minecraft and Xbox Live also reported issues during the DDoS attack.
We're currently investigating access issues and degraded performance with multiple Microsoft 365 services and features. More information can be found under MO842351 in the admin center.
— Microsoft 365 Status (@MSFT365Status) July 30, 2024
Microsoft managed to resolve the issue after a few hours, restoring its online services by evening in the UK.
The Redmond-based technology company confirmed its initial investigations had found that an error in the rollout of its own defences to prevent the attack “amplified the impact of the attack rather than mitigating it”.
In an update posted to its Azure status website, Microsoft said an “unexpected usage spike” had caused performance issues on parts of its Azure platform. The company said the “initial trigger event” had been the DDoS attack, which “activated our DDoS protection mechanisms”, but these protections had initially made things worse before the firm made “network configuration changes” to relieve and eventually help solve the issue.
The incident on Tuesday saw thousands of users report issues accessing a range of Microsoft services, with service status website DownDetector reporting user-flagged issues with Microsoft Teams, Xbox Live and other services. Other websites were also affected, with banking giant NatWest apologising to customers who it said had been unable to access some of its webpages, while Oxford United Football Club posted to X to confirm the issue was preventing online members from accessing online ticketing and club shop services.
Microsoft shows the scale of the issues on its Azure service status dashboard, which reveals issues across the UK and mainland Europe
The latest outage comes less than a fortnight after a major IT outage was caused by cybersecurity firm CrowdStrike issuing a botched update to 8.5 million Microsoft devices worldwide. The global meltdown triggered delays with dozens of airlines and train operators and left multiple banks and businesses unable to accept payment. The same glitch took Sky News off the airwaves.
Following the incident, Texas-based antivirus firm CrowdStrike was condemned for an email sent to staff and some partners thanking them for their work to help fix the issue. The email told recipients: “To express our gratitude, your next cup of coffee or late night snack is on us!”
The gesture has been widely mocked on social media, with some suggesting the offer of a cup of coffee did not make up for the thousands of hours of lost work time and the damage done to public trust in the firm.
The scheme has also been blighted by reports from some recipients that they were unable to redeem the code, with CrowdStrike admitting that Uber later flagged the offering as fraud “because of high usage rates”.
The offer does not appear to have extended to CrowdStrike customers impacted by the outage.
It comes as questions remain over whether any financial compensation will be due to CrowdStrike customers because of the outage, but the cybersecurity firm has pledged to improve its software testing procedures in the wake of the incident.
In a published review of the outage, CrowdStrike said a bug in its system meant “problematic content data” in a software update file was missed.
The US firm has also been asked to schedule an appearance before Congress, with chief executive George Kurtz asked to give evidence about the incident to US legislators.