Global Outage Caused By Cyber Attack – Technologist
A global outage affecting widely-used digital Microsoft services such as email and gaming has been resolved, with the disruption traced back to a potential cyber attack and an insufficient defensive response, with their planned defence actually worsening the situation. Below, we dissect what happened, who was affected and why speculating about the perpetrators will not help the investigation.
Who did the Cyber Attack affect?
The incident, which lasted almost 10 hours, had a global reach, affecting thousands of users. It must be noted that attribution is always difficult in the event of a cyber attack despite mainstream media speculation, and we are currently waiting on Microsoft to clarify further details – as it is not always clear, and may not be for some time, who was responsible for the attack whilst the investigation continues. If this was a cyber attack, it highlights the need for all industries to take cyber security and IT support seriously.
What caused the outage?
Initial investigations into the latest outage revealed that it was likely to be triggered by a Distributed Denial-of-Service (DDoS) attack. However, an error in implementing defensive cyber security measures amplified the impact rather than mitigating it.
What is a DDoS attack?
DDoS attacks are designed to overwhelm online services with excessive internet traffic, rendering them inaccessible. Despite the anticipated resilience of the infrastructure, the network experienced significant disruptions.
What services were affected?
The outage affected multiple services, including essential cloud computing platforms and office productivity tools, disrupting various organisations and their services. Notably, Cambridge Water, HM Courts and Tribunals Service, and NatWest Bank reported issues, highlighting the broad impact of the outage on essential services and customer-facing applications.
What have Microsoft said?
This outage occurred just before a major financial update from Microsoft, whose cloud services have been a significant profit driver. Despite recent slowdowns in demand, the company reported a notable revenue increase in its cloud unit. However, investor confidence has been shaken due to weaker-than-expected growth, highlighting the potential financial impact of such incidents.
Where do businesses go next?
Continuous monitoring and timely updates of software and devices are not just recommended; they are essential to maintaining the integrity and availability of all digital services. This incident serves as a stark reminder of the need for constant vigilance in the face of evolving cyber threats.