Days after Microsoft experienced a major global outage that disrupted its services, the company is grappling with another setback as a cyberattack has caused nearly ten hours of service disruption. The Microsoft cyberattack has disrupted several services, including the popular email platform Outlook and the widely played video game Minecraft, according to a company disclosure.
Preliminary findings indicated that a Distributed Denial-of-Service (DDoS) attack had initially triggered the outage, but an error in Microsoft’s defensive measures exacerbated the situation. The cyberattack on Microsoft began on July 30, 2024, and led to widespread issues across various Microsoft services.
According to a statement from the company, “While the initial trigger event was a Distributed Denial-of-Service (DDoS) attack… initial investigations suggest that an error in the implementation of our defenses amplified the impact of the attack rather than mitigating it.” DDoS attacks are known for overwhelming websites or online services with excessive traffic to render them inoperable.
Response and Mitigation Against Microsoft Cyberattack
Microsoft’s response included a fix that reportedly showed signs of improvement, but the company continued to monitor the situation to ensure a full recovery. In a public apology on X (formerly Twitter), Microsoft acknowledged the inconvenience caused to users and stated, “We’re sorry to hear you’re running into issues with our services. Our experts are currently investigating the situation in order to resolve it as soon as possible. You can find updates here: https://msft.it/6017ljML3. We sincerely apologize for the inconvenience.”
The impact of the Microsoft cyberattack extended beyond its own products. Services dependent on Microsoft’s platforms were also affected. For instance, Cambridge Water reported issues with their website and services due to the outage. They explained, “Due to worldwide issues with Microsoft Azure, a problem with our website is affecting several services including MyAccount and PayNow.”
Other organizations felt the ripple effects as well. The HM Courts and Tribunals Service, which oversees the administration of various courts and tribunals in England and Wales, noted problems with multiple online services. Financial institutions like NatWest also experienced disruptions, with a bank spokesperson commenting, “We are aware that some customers experienced difficulties accessing our webpages today. This was linked to the issues reported by Microsoft Azure which has affected some Microsoft services globally.”
The timing of the cyberattack on Microsoft was particularly inconvenient for FC Twente, a top Dutch football team, which saw its ticketing website and club app become inaccessible to fans. The outage came just hours before Microsoft was scheduled to release its latest financial update, adding to the company’s challenges.
The Stages of Microsoft Cyberattack and Linked Outages
The recent Microsoft outage followed a series of earlier disruptions affecting Microsoft’s Azure cloud platform. In July, several incidents highlighted the platform’s vulnerabilities. On July 30, between 11:45 UTC and 19:43 UTC, an unexpected surge in traffic from a DDoS attack led to the Azure Front Door outage. The attack’s effects were exacerbated by an error in Microsoft’s defensive measures, though the company implemented networking changes and failovers to resolve the issue by 20:48 UTC.
Earlier, on July 19, Windows virtual machines suffered startup failures due to a problematic update from CrowdStrike’s Falcon agent, which caused continuous restart loops until recovery instructions were published. Additionally, from 21:40 UTC on July 18 to 02:55 UTC on July 19, Azure Storage experienced disruptions in the Central US region due to incomplete updates to virtual machine host address lists, with recovery efforts involving halting the update process and executing failovers, achieving full restoration by the early hours of July 19.
These incidents have led Microsoft to reassess and improve its systems. To mitigate future risks, the company has outlined several measures. Completed improvements include fixing storage to allow list-generation workflows, enhancing failover policies for SQL databases, and refining fail-back workflows for Cosmos DB. Upcoming improvements are set to address various aspects of service resilience, such as implementing VM health checks and refining failover workflows.
Professor Alan Woodward, a noted computer security expert, commented on the situation, “It seems slightly surreal that we’re experiencing another serious outage of online services from Microsoft. You’d expect Microsoft’s network infrastructure to be bomb-proof”, reported BBC. This sentiment highlights the surprise and concern within the tech community regarding the repeated issues faced by one of the industry’s leading companies.
Microsoft’s Azure cloud platform has been a key driver of the company’s profitability in recent years. However, recent disruptions have rattled investors. Following the outage, Microsoft’s shares dropped by 2.7% in after-hours trading. Despite reporting a 15% increase in overall revenue to $64.7 billion and an 11% rise in profit to $22 billion for the April-June period, the company has faced scrutiny due to these service interruptions.
For users and businesses relying on Microsoft’s services, the company advises configuring Azure Service Health alerts to stay informed about service issues and to implement disaster recovery strategies to minimize the impact of future outages.
