In June, Microsoft experienced service disruptions that affected access to Outlook, OneDrive, and several other online services. Initially, a group called Anonymous Sudan claimed responsibility for the outage. However, Microsoft later confirmed that the disruptions were caused by a series of distributed denial-of-service (DDoS) attacks. The company stated in a blog post, reported by the Associated Press via The Verge, that these attacks had a temporary impact on the availability of certain services. Microsoft revealed that the primary objective of these attacks was to generate publicity for a threat actor referred to as Storm-1359. According to Microsoft’s naming convention for threat actors, Storm serves as a temporary identifier for groups whose affiliation with the company has not yet been definitively established.
Regarding the security of customer data, Microsoft reassured that there was no evidence of access or compromise. In a statement provided to the Associated Press, the tech giant confirmed that Anonymous Sudan was responsible for the attacks. The exact number of affected Microsoft customers and the global extent of the impact remain unclear. Microsoft suspects that Storm-1359 likely employed a combination of virtual private servers and rented cloud infrastructure to execute their operation.
According to Bleeping Computer, Anonymous Sudan initiated cyberattacks at the beginning of 2023. The group initially claimed to be targeting countries involved in Sudanese politics and promoting anti-Muslim policies. However, some cybersecurity experts believe that Anonymous Sudan is actually an offshoot of the Kremlin-affiliated Killnet gang, using the reference to Sudan as a false flag to deceive casual observers. This link became more apparent when Anonymous Sudan announced the formation of a “Darknet Parliament” in collaboration with Killnet and Revil, another pro-Russian gang. Their first order of business was to threaten SWIFT, the international interbanking system. The United States and the European Union had severed Russia from SWIFT in response to its invasion of Ukraine in early 2022.
Please note that all product recommendations provided by BuyTechBlog are selected independently by our editorial team, separate from our parent company. Some of our articles may contain affiliate links, and if you make a purchase through these links, we may earn an affiliate commission. The prices mentioned are accurate at the time of publication.
Frequently Asked Questions (FAQs) about DDoS attacks
Q: What caused the service disruptions in June for Microsoft’s Outlook and OneDrive?
A: The service disruptions in June for Microsoft’s Outlook and OneDrive were caused by a series of distributed denial-of-service (DDoS) attacks. These attacks were confirmed by Microsoft and temporarily impacted the availability of certain services.
Q: Who claimed responsibility for the service disruptions?
A: Initially, a group called Anonymous Sudan claimed credit for the service disruptions. However, Microsoft later confirmed that Anonymous Sudan was indeed responsible for the DDoS attacks.
Q: Was customer data accessed or compromised during the attacks?
A: Microsoft has stated that there is no evidence of customer data being accessed or compromised during the DDoS attacks. The primary objective of these attacks was to generate publicity for the threat actor known as Storm-1359.
Q: Is there a connection between Anonymous Sudan and the Kremlin-affiliated gang?
A: Some cybersecurity researchers suspect that Anonymous Sudan is an offshoot of the Kremlin-affiliated Killnet gang. The references to Sudan may be a false flag to mislead observers. The suspicion was further supported when Anonymous Sudan announced a collaboration with Killnet and another pro-Russian gang called Revil.
Q: What is the Darknet Parliament and what is their target?
A: The Darknet Parliament is an alliance formed by Anonymous Sudan, Killnet, and Revil. Their first target is SWIFT, the international interbanking system. This action is in response to the United States and European Union cutting Russia off from SWIFT following its invasion of Ukraine in early 2022.
More about DDoS attacks
- Microsoft confirms DDoS attacks – Source confirming Microsoft’s confirmation of DDoS attacks causing service disruptions.
- Anonymous Sudan claims responsibility – Article discussing the initial claim of responsibility by Anonymous Sudan for the service disruptions.
- Cybersecurity researchers suspect Kremlin link – Information about cybersecurity researchers suspecting a connection between Anonymous Sudan and the Kremlin-affiliated Killnet gang.
- SWIFT targeted by Darknet Parliament – Details about the Darknet Parliament’s alliance and their threat to target SWIFT, the international interbanking system.