Shulou(Shulou.com)11/24 Report--

CTOnews.com, June 24 / PRNewswire-FirstCall-Asianet /-- Microsoft recently released a blog post admitting that its Microsoft 365 and Azure cloud services were repeatedly interrupted by frequent DDoS attacks by hackers.

It is reported that an anonymous hacker group named Anonymous Sudan is responsible for these DDoS attacks. Since the beginning of June this year, Microsoft has suffered intermittent DDoS attacks on all Microsoft services from the hacker group. Microsoft has marked it as "Storm-1359" and believes that the group has access to a range of botnets and tools that enable hackers to launch DDoS attacks from multiple cloud services and open proxy infrastructure.

▲ Microsoft posted a blog post admitting to being attacked by DDoS. Touyuan Microsoft MSRC Microsoft said that Storm-1359 launched several types of "Layer 7" DDoS attack traffic:

HTTP (S) Flood attack: this attack is designed to deplete system resources through heavily loaded SSL / TLS handshakes and HTTP (S) request processing. In this case, hackers send high-load (millions) HTTP (S) requests from different source IP, which are well distributed around the world. This causes the application back end to run out of computing resources (CPU and memory)

Cache bypass: this attack attempts to bypass the CDN layer and may overload the source server. In this case, the hacker sends a series of queries against the generated URL, forcing the front-end layer to forward all requests to the source instead of providing services from the cached content

Slowloris: this attack means that the client opens a connection to the Web server, requests resources (such as images), and then fails to confirm the download (or slowly accepts the download request). This forces the Web server to keep the connection open and keep the requested resources in memory.

CTOnews.com noted that Microsoft claimed that the hackers' attacks were mainly aimed at layer 7, not layer 3 or layer 4. As a result, Microsoft is currently strengthening layer 7 protection, including tuning the Azure Web Application Firewall (WAF).

"Layer 7" refers to the OSI seven-layer protocol model, namely: application layer (Application), presentation layer (Presentation), session layer (Session), transport layer (Transport), network layer (Network), data link layer (Data Link), physical layer (Physical).

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.