Xbox Live outage was caused by major DNS DDoS attack
Microsoft promises to do better on monitoring and mitigating traffic anomalies.
Microsoft has confirmed that the recent outage that struck a number of its cloud-based services came as a result of a DNS DDoS attack.
The outage, which lasted for roughly two hours, was triggered by an “anomalous surge” in DNS queries that came from all over the world and were targeting a set of Azure-hosted domains.
Microsoft’s users were recently unable to access a whole slew of cloud-based services, such as Xbox Live, Microsoft Office, SharePoint Online, Microsoft Intune, Dynamics 365, Microsoft Teams, Skype, Exchange Online, OneDrive, Yammer, Power BI, Power Apps, OneNote, Microsoft Managed Desktop, and Microsoft Streams.
- Here’s our list of the best endpoint protection tools to stay safe online
- Check out our list of the best ransomware protection around
- Here's our choice of the best malware removal software on the market
Who's to blame?
The company isn’t pointing any fingers, noting that, “Azure DNS servers experienced an anomalous surge in DNS queries from across the globe targeting a set of domains hosted on Azure. Normally, Azure’s layers of caches and traffic shaping would mitigate this surge. In this incident, one specific sequence of events exposed a code defect in our DNS service that reduced the efficiency of our DNS Edge caches."
With an overload on DNS services, clients started retrying requests frequently, only exacerbating the problem, the company said. These tries, however, are legitimate and were not dropped by the volumetric spike mitigation system. “This increase in traffic led to decreased availability of our DNS service.”
Fixing the issues
After the mandatory apology for the inconvenience caused, the company said it repaired the problem, adding that DNS caches shouldn’t have problems handling traffic spikes anymore.
It also said it will improve how it monitors and mitigates anomalies in traffic, without detailing what it plans on doing at this time.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Various media reports have claimed the outage uncovered major flaws in Microsoft’s modus operandi, as even a signficant DDoS attack should not really be able to take Azure down - with a company error when implementing DNS Edge caches also possibly to blame.
- Protect your devices with these best antivirus software
Via: MSPoweruser
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.