Microsoft Azure Outage Attributed to DDoS Attack

Microsoft has confirmed that the Azure outage on July 30 was precipitated by a distributed denial of service (DDoS) attack. The incident, which disrupted access to multiple Microsoft services, including Microsoft 365 applications such as Office and Outlook, as well as various Azure services, lasted nearly 10 hours.

The outage occurred shortly after a separate incident in which a CrowdStrike update caused Microsoft Windows machines to crash. Among the organizations affected by this latest outage was the U.K. bank NatWest.

According to the Azure status history page, the disruption began at approximately 11:45 AM UTC and was resolved by 7:43 PM UTC. Microsoft noted that a subset of customers experienced connectivity issues across a range of services globally, including Azure App Services, Azure IoT Central, Azure Log Search Alerts, Azure Policy, and components of Microsoft 365 and Microsoft Purview.

Microsoft attributed the outage to an "initial trigger event" in the form of a DDoS attack. This attack resulted in an "unexpected usage spike" that caused Azure Front Door and Azure Content Delivery Network components to operate below acceptable performance thresholds. This led to intermittent errors, timeouts, and latency spikes.

While Microsoft’s DDoS protection mechanisms were activated in response to the attack, an error in their implementation exacerbated the impact rather than mitigating it. This incident underscores the critical importance of robust and thoroughly tested DDoS mitigation strategies.

Separately, Microsoft reported a 10% increase in quarterly profits, driven by growth in its cloud computing business, which saw revenue rise by 19% to $28.5 billion. The company’s fiscal fourth-quarter profit reached $22 billion, or $2.95 per share, slightly exceeding analyst expectations.