Earlier this month, a group known as Anonymous Sudan took credit for a service outage that disrupted access to Outlook, OneDrive and a handful of other Microsoft online services. After initially sharing little information about the incident, the company confirmed late Friday it had been the target of a series of distributed denial-of-service attacks. In a blog post spotted by the Associated Press (via The Verge), Microsoft said the attacks “temporarily impacted” the availability of some services, adding they were primarily designed to generate “publicity” for a threat actor the company has dubbed Storm-1359. Under Microsoft’s threat actor naming convention, Storm is a temporary designator the company employs for groups whose affiliation it hasn’t definitively established yet.
“We have seen no evidence that customer data has been accessed or compromised,” the company said. In a statement Microsoft shared with the Associated Press, the tech giant confirmed Anonymous Sudan was responsible for the attacks. It’s not clear how many Microsoft customers were affected by the attacks, or if the impact was global. The company believes Storm-1359 likely relied on a combination of virtual private servers and rented cloud infrastructure to carry out its operation.
Per Bleeping Computer, Anonymous Sudan began carrying out cyberattacks at the start of 2023. At the time, the group claimed it was targeting countries that meddle in Sudanese politics and promote anti-Muslim policies. However, some cybersecurity researchers believe the group is in fact an offshoot of the Kremlin-affiliated Killnet gang, and the reference to Sudan is a false flag designed to mislead casual onlookers. The likelihood of that link became more apparent on Friday when Anonymous Sudan said it was forming a “Darknet Parliament” with Killnet and Revil, another pro-Russian gang. As a first order of business, the alliance threatened to target SWIFT, the international interbanking system the United States and European Union cut Russia off from in response to its invasion of Ukraine in early 2022.
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.
Published at Sun, 18 Jun 2023 17:34:31 +0000