Microsoft confirmed via an update on its Azure Status website that a 9-hour outage was a result of a DDoS attack that affected its Microsoft 365 and Azure services.
The distributed denial-of-service (DDoS) attack affected the services globally, and within the blog post, Microsoft didn't specify where or who the attack came from. More specifically, the post states that while the initial DDoS attack did trigger the event, it was responded to by Microsoft's protection mechanisms, but following investigations, Redmond discovered "the implementation of our defenses amplified the impact of the attack rather than mitigating it."
Furthermore, Microsoft said that customer impact began at 11:45 UTC, and by 14:10 UTC, the fix was already rolled out, and the majority of the impact was successfully mitigated. The only details we have on how the outage occurred was Microsoft's description of the outage being caused by an "unexpected usage spike" that "resulted in Azure Front Door (AFD) and Azure Content Delivery Network (CDN) components performing below acceptable thresholds, leading to intermittent errors, timeout, and latency spikes."
"Between approximately at 11:45 UTC and 19:43 UTC on 30 July 2024, a subset of customers may have experienced issues connecting to a subset of Microsoft services globally. Impacted services included Azure App Services, Application Insights, Azure IoT Central, Azure Log Search Alerts, Azure Policy, as well as the Azure portal itself and a subset of Microsoft 365 and Microsoft Purview services," states Microsoft
Redmond states at the bottom of its post that it will be publishing a comprehensive investigative report on the outage that will reveal more details about how the company responded and what happened.