Skip to content

Microsoft Identifies DDoS Attacks Behind June Outages: Suspected Ties to Pro-Russian Group

Microsoft confirms that June's service outages for Outlook and OneDrive resulted from DDoS attacks by the group Anonymous Sudan. The group, suspected to have pro-Russian ties, was primarily seeking publicity.

Earlier this month, multiple Microsoft online services including Outlook and OneDrive suffered service outages. The group behind the incident, Anonymous Sudan, took credit for the disruption. Initially, Microsoft remained tight-lipped about the situation, but later confirmed that it had been the target of a series of Distributed Denial-of-Service (DDoS) attacks.

In a recent blog post, Microsoft stated that these attacks were primarily orchestrated for publicity and temporarily affected the availability of some services. The company has identified the threat actor as Storm-1359, a temporary label used for groups whose affiliations are yet to be definitively established.

Despite the disruption, Microsoft reassures users that there is no evidence of customer data being accessed or compromised. While the exact number of affected customers remains unclear, Microsoft attributes the attacks to Anonymous Sudan. It is believed that the group used a combination of virtual private servers and rented cloud infrastructure for its operation.

Interestingly, cybersecurity researchers suggest that Anonymous Sudan may be an offshoot of the Kremlin-affiliated Killnet gang. This pro-Russian group, in conjunction with Revil, has threatened to target SWIFT, the international interbanking system, which had severed ties with Russia due to its 2022 invasion of Ukraine.

As the dynamics of cyber warfare continue to evolve, this incident underscores the importance of robust cybersecurity measures in safeguarding online services and user data. It also highlights the potential geopolitical underpinnings of cyberattacks, illustrating the complex landscape of global digital security.