Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Microsoft Blames Massive DDoS Attack for Azure, Outlook, and OneDrive Disruptions
The Hacker News ^ | Jun 19, 2023 | Ravie Lakshmanan

Posted on 06/19/2023 9:41:23 AM PDT by MeganC

Microsoft on Friday attributed a string of service outages aimed at Azure, Outlook, and OneDrive earlier this month to an uncategorized cluster it tracks under the name Storm-1359.

"These attacks likely rely on access to multiple virtual private servers (VPS) in conjunction with rented cloud infrastructure, open proxies, and DDoS tools," the tech giant said in a post on Friday.

Storm-#### (previously DEV-####) is a temporary designation the Windows maker assigns to unknown, emerging, or developing groups whose identity or affiliation hasn't been definitively established yet.

While there is no evidence that any customer data was accessed or compromised, the company noted the attacks "temporarily impacted availability" of some services. Redmond said it further observed the threat actor launching layer 7 DDoS attacks from multiple cloud services and open proxy infrastructures.

This includes HTTP(S) flood attacks, which bombard the target services with a high volume of HTTP(S) requests; cache bypass, in which the attacker attempts to bypass the CDN layer and overload the origin servers; and a technique known as Slowloris.

"This attack is where the client opens a connection to a web server, requests a resource (e.g., an image), and then fails to acknowledge the download (or accepts it slowly)," the Microsoft Security Response Center (MSRC) said. "This forces the web server to keep the connection open and the requested resource in memory."

(Excerpt) Read more at thehackernews.com ...


TOPICS:
KEYWORDS: ddos; microsoft; russia
We're still having problems placing orders with our vendors who use Microsoft. The attack is ongoing.
1 posted on 06/19/2023 9:41:23 AM PDT by MeganC
[ Post Reply | Private Reply | View Replies]

To: MeganC

Xi’s ‘gift’ to Bill perhaps.


2 posted on 06/19/2023 9:53:51 AM PDT by SpaceBar (RIP Chester)
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeganC

One of many reasons why cloud-based anything (accounts, file storage, etc.) should be avoided whenever possible.


3 posted on 06/19/2023 10:01:56 AM PDT by CatOwner (Don't expect anyone, even conservatives, to have your back when the SHTF in 2021 and beyond.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeganC

“The attack is ongoing.”

a lot of moon pies and rc colas getting hammered out there today I suppose.

Hard to fight that kind of attack and still maintain access for legitimate contact.
I would shut down until I was loaded for bear ...then jump back in and blaze away ....


4 posted on 06/19/2023 10:04:16 AM PDT by 1of10 (be vigilant , be strong, be safe, be 1 of 10 .)
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeganC

Mr. Jackson owes ‘Tanji some cash!


5 posted on 06/19/2023 10:07:07 AM PDT by alstewartfan ("She looks like she's 19 years old, sitting there like a lady with her lbegs crossed." Creepy Joe)
[ Post Reply | Private Reply | To 1 | View Replies]

To: 1of10

The proper response is to isolate Russia, Iran, North Korea, and China from the American internet. Let them hack Europe if they want but cut off their access to America.


6 posted on 06/19/2023 10:08:33 AM PDT by MeganC (There is nothing feminine about feminism. )
[ Post Reply | Private Reply | To 4 | View Replies]

To: MeganC

Need to include the corrupted Ukraine in that list.


7 posted on 06/19/2023 10:12:50 AM PDT by SoConPubbie (Trump has all the right enemies, DeSantis has all the wrong friends.)
[ Post Reply | Private Reply | To 6 | View Replies]

To: MeganC
> The proper response is to isolate Russia, Iran, North Korea, and China from the American internet. Let them hack Europe if they want but cut off their access to America.

Ain't gonna happen since the REAL National Security Threat to America are Multi-National Big-X CEO's who's business model is built on offshoring as much work and production to our military adversaries (China and Russia) as possible.

Our Democratic-Kleptocracy did this and will do absolutely anything and everything to prevent their multi-trillion dollar gravy train from stopping.

8 posted on 06/19/2023 10:21:47 AM PDT by SecondAmendment (This just proves my latest theory ... LEFTISTS RUIN EVERYTHING !!!)
[ Post Reply | Private Reply | To 6 | View Replies]

To: MeganC
The proper response is to isolate Russia, Iran, North Korea, and China from the American internet. Let them hack Europe if they want but cut off their access to America.

I'd add a few European countries and South African countries to that list.

Technically it's possible to cut them off, it won't last long as they get back on the Internet via other countries that don't cut them off and have access to us.

Personally, I'd like the U.S. to have attack cyber counter-measures automated against those countries that attack us.

Frankly, I'd be surprised if we don't have those already and haven't for some time. If I've thought of it, people smarter than me were way ahead of me.

9 posted on 06/19/2023 10:31:34 AM PDT by usconservative (When The Ballot Box No Longer Counts, The Ammunition Box Does. (What's In Your Ammo Box?))
[ Post Reply | Private Reply | To 6 | View Replies]

To: CatOwner

What difference does it make if your web server or web application is on the cloud or on hardware in your rack space?

BOTH need Internet and TCPIP access, and both have all your customers over the Internet somewhere.

They can hack your web server and shut you down locally or over cloud. The code for these attacks is exactly the same.

Who has more resources to fight them and fix the issue, individual companies and their few administrators or a big vendor with thousands of administrators, security specialists and other employees?

The whole Internet is a stinking cesspool of malware and hackers and it doesn’t matter where the data is stored, but rather that the data needs to have access to the Internet.

Unless, of course, we want to go back to catalog orders by mail and over the phone.

Pandora’s Box was opened some time ago, and we can’t put all the bad back in.


10 posted on 06/19/2023 10:33:42 AM PDT by Alas Babylon! (Repeal the Patriot Act; Abolish the DHS; reform FBI top to bottom!)
[ Post Reply | Private Reply | To 3 | View Replies]

To: MeganC

This appears to be a result of our interventionist foreign policy.


11 posted on 06/19/2023 11:12:58 AM PDT by JonPreston ( ✌ ☮️ )
[ Post Reply | Private Reply | To 6 | View Replies]

To: Alas Babylon!
I stand by my statement. I do not use Microsoft's online account setup (thank God for Windows 10 Pro). I don't store any photos, tax forms, and the like on a cloud server. I have whatever I need stored on multiple hard drives disconnected from my PC. They'll have to hack my network or, more likely, break into one of several locations in order to steal my photos that can be used for facial recognition.

I never said the Internet was evil. I said certain personal information should not be stored in the cloud *whenever possible*. The price of convenience is an increase in risk.

12 posted on 06/19/2023 1:27:19 PM PDT by CatOwner (Don't expect anyone, even conservatives, to have your back when the SHTF in 2021 and beyond.)
[ Post Reply | Private Reply | To 10 | View Replies]

To: CatOwner

Look, you do you. It does make no sense for a person to be on the cloud if everything they have and need is local.

I’m talking about big businesses, who have thousands if not millions of customers.

Do you do online banking? Do you participate here? Do you buy from Amazon, Walmart or Chase or American Express Credit Cards?

All of those feature web servers on the Internet, and I’m talking about servers—computers hosting web pages—with potentially thousands of individual transactions a minute.

I’ve been a computer and network professional for 50 years. I always thought talk of “The cloud” was a sham, because any computer connected to another over the Internet is part of a networked cloud. The term is superfluous. Big vendor clouds just use a ton of their server, network, and storage space to host other people’s applications and data, but they are no more or less vulnerable than single company servers connected to fiber or Twisted pair out to the Internet.

And that is what this attack in the thread is actually all about.

Not end users home computers.


13 posted on 06/19/2023 2:01:31 PM PDT by Alas Babylon! (Repeal the Patriot Act; Abolish the DHS; reform FBI top to bottom!)
[ Post Reply | Private Reply | To 12 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson