Microsoft 365 and Azure services experienced a significant global outage on July 30, 2024, affecting millions of users worldwide.
Microsoft has confirmed that the nine-hour outage which disrupted multiple Microsoft 365 and Azure services worldwide, was caused by a distributed denial-of-service (DDoS) attack.
The outage impacted critical services including Microsoft Entra, some Microsoft 365 and Microsoft Purview services (such as Intune, Power BI, and Power Platform), as well as various Azure services. Users experienced difficulties accessing emails, both through apps and browsers, and issues with scheduled calendar invitations.
In a mitigation statement released on July 31, Microsoft explained that while a DDoS attack initially triggered the outage, an error in the implementation of their defense mechanisms amplified the impact rather than mitigating it. This revelation provides more context to the company’s earlier statement about an “unexpected usage spike” causing Azure Front Door (AFD) and Azure Content Delivery Network (CDN) components to perform below acceptable thresholds.
To address the issue, Microsoft implemented networking configuration changes to support their DDoS protection efforts and performed failovers to alternate networking paths. By 2:54 PM ET on July 30, the company reported that the vast majority of services were fully restored.
The recurring nature of these outages, coming less than two weeks after a previous incident caused by a faulty update from CrowdStrike, has raised concerns among users about the reliability of Microsoft’s infrastructure.
For more information check Microsoft’s Azure status page.
Reach out to Messageware to improve Microsoft Exchange Server Security
If you are not protecting all the protocols used by your Exchange Server, you’re putting your company at a higher risk of a data breach.
Security incidents happen frequently. They cause disruption, loss of data and potentially risk the reputation of your company. However, if you implement these steps, you’re doing more than most other companies.
Have you heard about Messageware’s EPG that offers advanced Exchange Server security to protect organizations from a variety of logon and password attacks, as well as extensive real-time reporting and alerts of suspicious logon activity? Click here to learn more.