Microsoft Azure Attack Highlights Persistent Threat of DDoS Attacks
The recent outage on Microsoft Corp.’s Azure cloud-computing platform underscored the ongoing threat posed by an older, blunt-force style of cyberattack known as a distributed denial-of-service (DDoS) attack. This method involves flooding a target, such as a website or server, with massive amounts of junk internet traffic to disrupt or knock it offline. DDoS attacks have become a favored tool of hacktivists aiming to make statements by targeting government institutions, banks, and major companies.
The attack on Microsoft began Tuesday morning, just hours before the tech giant was set to announce its quarterly earnings. The outage impacted customers of the Azure cloud platform for hours, disrupting services such as mobile ordering at Starbucks, online services from the UK government’s courts and tribunals service, and the Dutch football club FC Twente. Microsoft 365, which includes widely used applications like Outlook and Excel, was also affected.
Compounding the problem, an error in Microsoft’s automated defense mechanism “amplified” the attack instead of mitigating it, according to a company status update.
DDoS attacks, once considered a “solved problem,” have resurged in recent years. They are now cheaper and easier to execute, with attack services available on the dark web for as little as $11. The proliferation of internet-connected devices has intensified these attacks, as specialized malware can infect everything from smart TVs and fitness trackers to baby monitors and video cameras, creating “botnets” that can overwhelm servers with millions of requests at once.
DDoS mitigation typically involves filtering out malicious traffic, but distinguishing between requests from bots and legitimate users can be challenging. Experts suggest that Microsoft may have exacerbated the attack’s impact by inadvertently blocking real Azure users in an attempt to isolate illegitimate ones. A Microsoft spokesperson acknowledged that a “network device misconfiguration” contributed to the service interruption and confirmed that the company is still investigating the incident.
The increasing size and accessibility of botnets make DDoS attacks harder to defend against. With an ever-growing number of web-connected devices, cybercriminals have more potential tools to enlist in their attacks. This trend has turned botnet rentals into an industry, allowing cybercriminals to launch attacks relatively inexpensively.
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have jointly warned of potential DDoS attacks during the upcoming 2024 US presidential election, citing their use in past election-related disruptions. In Venezuela, DDoS attacks have spiked tenfold since President Nicolás Maduro declared victory in a disputed election, reflecting the use of such attacks as a form of digital protest.
These events highlight the persistent and evolving threat of DDoS attacks, underscoring the need for robust cybersecurity measures and continuous vigilance.