Microsoft Azure: DDoS Attack on Azure Services

On July 30, 2024, Azure experienced a significant Distributed Denial-of-Service (DDoS) attack that caused nearly 10 hours of intermittent outages, affecting a variety of services including Azure App Services, Azure SQL Database, Azure IoT Central, and portions of Microsoft 365. The attack utilized a high volume of requests to overwhelm the services, peaking at 14.7 million requests per second, and was further exacerbated by a misconfiguration in Microsoft’s DDoS defenses which amplified the attack’s impact.

The attack, attributed to the hacktivist group Anonymous Sudan, involved multiple Layer 7 DDoS methods such as HTTP(S) flood attacks, cache bypass, and Slowloris, targeting the application layer to disrupt services. Despite the extensive disruption, Microsoft confirmed that there was no evidence of customer data being accessed or compromised during the attack.

In response to the attack, Microsoft implemented network configuration changes and performed failovers to alternate networking paths to mitigate the impact. Most services began to recover after these interventions, although the full resolution took several hours.

For more information , please visit - https://securityboulevard.com/2024/07/microsoft-ddos-attack-on-azure-services-exacerbated-by-defense-error/