Comment: Microsoft attack a reminder of cyber resilience importance
July 2024 by David Higgins, Senior Director, Field Technology Office, CyberArk
After the news this morning that Microsoft confirmed its latest outage was caused by a DDoS cyberattack. The commentary on this from David Higgins, Senior Director, Field Technology Office, at global security firm CyberArk. David shares his thoughts on how this attack happened, what the intended outcomes likely were, and what it shows us about the importance of proactive cybersecurity testing and operational resilience.
“This attack focused on Microsoft’s cloud-based services, which many organisations today are reliant on. From authentication provided by their identity tools (allowing users to log on to applications like Office 365) to Cloud Platform Services like Azure itself, which runs applications and servers for organisations across the world. All this runs on MSFT services - if these services stop responding, then all login requests, applications, etc. all stop working, which in turn creates widespread outages. If any of the affected customers were running customer facing applications, as an example, during this attack – then it’s very likely that those applications went offline.
By targeting an organisation as large and as heavily used as Microsoft with a DDoS attack, widespread disruption could have been the only expected outcome. However, Microsoft have admitted that a misconfiguration in their security settings actually amplified the impact of this attack, so perhaps the attackers themselves were also a little surprised at how wide this disruption went.
This doesn’t necessarily show that there are serious security flaws in Microsoft’s software. It does highlight some key points though - firstly, again around the misconfiguration, it’s a strong reminder that implementing security isn’t enough and organisations should take proactive steps to constantly test their own defences. Secondly, the importance of operational resilience – organisations need to ensure they have proven contingency processes in place so that an outage in MSFT doesn’t stop business.”