BEST OF THE WEB

Microsoft Azure, Outlook DDoS attacks linked to Anonymous Sudan

Microsoft has confirmed that recent disruptions to its Azure, Outlook, and OneDrive web portals were the result of Layer 7 DDoS attacks carried out by the threat actor Storm-1359, who goes by the name Anonymous Sudan.

Layer 7 DDoS attacks focus on overwhelming the application layer by bombarding services with an overwhelming volume of requests, causing the services to become unresponsive. Anonymous Sudan, also known as Storm-1359, employs three specific types of Layer 7 DDoS attacks: HTTP(S) flood attacks, Cache bypass, and Slowloris. Each method aims to exhaust the web service’s available connections, rendering it unable to accept new requests.

The attacks began in early June 2023, and targeted Microsoft’s web-accessible portals for Outlook, Azure, and OneDrive. Anonymous Sudan demanded a payment of $1 million to cease the attacks.

Microsoft revealed that the attackers likely employed multiple virtual private servers (VPS), rented cloud infrastructure, open proxies, and DDoS tools to carry out the attacks. However, there is no evidence to suggest that customer data was compromised during these incidents.

The group claimed that their attacks on Outlook were in response to the United States’ involvement in Sudanese politics. However, some cybersecurity researchers suspect that this claim may be a false flag, suggesting a potential connection between the group and Russia.

The sources for this piece include an article in BleepingComputer.

IT World Canada Staff
IT World Canada Staffhttp://www.itworldcanada.com/
The online resource for Canadian Information Technology professionals.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web