Microsoft 365 and a number of Azure services were taken offline for users following an attempted cyberattack on the company’s systems, it has confirmed.
Users around the globe saw services disrupted after a Distributed Denial-of-Service (DDoS) attack triggered Microsoft‘s internal protection systems.
However in an embarrassing confession, the company admitted these systems actually seem to have “amplified the impact of the attack rather than mitigating it”.
Azure attack
“Between approximately at 11:45 UTC and 19:43 UTC on 30 July 2024, a subset of customers may have experienced issues connecting to a subset of Microsoft services globally,” an update on the official Azure status hub noted.
“Impacted services included Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy, as well as the Azure portal itself and a subset of Microsoft 365 and Microsoft Purview services.”
The company noted how an “unexpected usage spike” hit Azure Front Door (AFD) and Azure Content Delivery Network (CDN), causing them to under-perform, resulting in outages, timeout and latency spikes.
Microsoft says that after the attack was detected, it began investigating immediately, and the effects were under control around an hour and a half later. Following an initial rollout of a fix across the Asia Pacific and European networks, a global rollout took place and the issue appeared too be under control around right hours after the initial reports.
The issue came days after a flawed CrowdStrike security update led to potentially millions of Microsoft devices around the globe being taken offline, so the company is understandably on edge about any further issues.
Microsoft says it will now carry out a full internal investigation to “understand the incident in more detail” and pledged to publish an initial report within the next few days, with a full report coming within 14 days.