Microsoft confirms DDoS attacks caused June Outlook and OneDrive outages

Anonymous Sudan claimed responsibility for a service disruption that affected Microsoft’s online services, including Outlook and OneDrive. Microsoft initially provided limited information about the incident, but later confirmed that it was the target of distributed denial-of-service attacks. The company stated that the attacks caused temporary disruptions and were intended to generate publicity for a threat actor named Storm-1359. Microsoft uses the temporary designation of Storm for groups whose affiliation it has not yet established.

“We have seen no evidence that customer data has been processed or compromised,” the company said. In a statement from Microsoft to the Associated Press, the tech giant confirmed that Anonymous Sudan was responsible for the attacks. It is not clear how many Microsoft customers were affected by the attacks, or whether the impact was global. The company believes that Storm-1359 likely relied on a combination of virtual private servers and leased cloud infrastructure to operate.

According to Bleeping Computer, Anonymous Sudan started cyber attacks in early 2023. At the time, the group claimed it was targeting countries that interfere in Sudanese politics and promote anti-Muslim policies. However, some cybersecurity researchers believe the group is actually an offshoot of the Kremlin-linked Killnet gang, and the reference to Sudan is a false flag designed to mislead casual viewers. The likelihood of a connection became clearer on Friday when Anonymous Sudan said it was forming a “Darknet Parliament” with Killnet and Revil, another pro-Russian gang. As a first mandate, the coalition threatened to target SWIFT, the international interbank system that was cut by the United States and the European Union in response to Russia’s invasion of Ukraine in early 2022.