The company issues an apology for the incident, which lasted about 10 hours, and impacted thousands of users. With crucial services affected, some people complained they couldn’t do their jobs.
The most recent disruption affected airports, such as Heathrow, the UK’s largest travel hub, and some banks.
Microsoft deployed multiple engineering teams to investigate the issue.
A preliminary investigation shows the outage was caused by a cyberattack that tech defences failed to combat.
In a statement on the Azure server status site, Microsoft said: “Initial investigations suggest that an error in the implementation of our defenses amplified the impact of the attack rather than mitigating it.”
The hack was a Distributed Denial-of-Service (DDoS) attack.
The company issues an apology for the incident, which lasted about 10 hours, and impacted thousands of users.
Microsoft said it will publish a review of the incident in three days.
What is a DDoS attack?
DDoS stands for Distributed Denial-of-Service.
It is a malicious attempt to disrupt a targeted website, service or network by overwhelming it with internet traffic.
A network is essentially flooded with so much information that it can’t bear the weight, and it crashes.
A successful DDoS attack will make parts, or all, of a website, service or network unavailable.
Adam Pilton, senior cybersecurity consultant at Cybersmart, said: “It’s not unsurprising to see that Microsoft has been subject to a denial-of-service attack, I imagine this is a frequent event for them. What is surprising is that it was successful.
“Microsoft have confirmed they do have DDoS protection in place which is what we would expect, however the protection they did have in place was misconfigured which in fact ended up amplifying the attack.”
Pilton called the incident “concerning” after services were disrupted for roughly 10 hours.
“This is now the second reminder in two weeks of the importance of having business continuity planning in place,” he added.
“Whether a specific piece of software is unavailable or your entire network becomes unusable, you must have plans in place to ensure that your business can continue to work.”
The agreement meant multiple security providers could install software at the core of a computer’s operating system, known as the kernel, amid a European competition probe.
Apple, by contrast, blocked access to the kernel on its Mac computers in 2020, which it said would improve security and reliability.
What is CrowdStrike?
The 19 July global cyber outage related to an issue at cybersecurity firm CrowdStrike.
IT security firm CrowdStrike found crashes on Microsoft’s Windows operating system relating to its Falcon sensor.
CrowdStrike’s Falcon system, designed to prevent cyber attacks, has privileged access to the kernel which meant a faulty update last week resulted in millions of Windows computers and servers failing to load.
The Falcon system monitors the computers it is installed on and detects hacks and bugs before responding to them.
CrowdStrike, headquartered in Austin, Texas, says it is a global security leader which provides an advanced platform to protect data.
A CrowdStrike update on 19 July is said to have caused a critical error in Microsoft operating systems, affecting millions worldwide.
The company regularly updates systems with new anti-virus software.
Toby Murray, associate professor in the School of Computing and Information Systems at The University of Melbourne, Australia, said: “If Falcon is suffering a malfunction then it could be causing a widespread outage for two reasons.
“One: Falcon is widely deployed on many computers, and two: because of Falcon’s privileged nature.
“Falcon is a bit like anti-virus software: it is regularly updated with information about the latest online threats.
“It is possible that today’s outage may have been caused by a buggy update to Falcon.”
Cyber expert Troy Hunt told Australian TV network Seven: “It looks like they’ve pushed a bad update, which is presently nuking every machine that takes it.”