Return to site

"SHALL WE PLAY A GAME?"

Major Cybersecurity Event 05-02-19. Stay alert!

· MICROSOFT 365,OFFICE 365,SECURITY,DDOS,CYBERSECURITY

WHAT HAPPENED.

During preparation for a Microsoft 365 Online training session, I began to experience service degradation.

The services eventually came back online and I thought: just another blip in the Microsoft outage history log.

I started my training session and ran into the same issues with the client Microsoft 365 Online tenant...hmmm...

I thought: Multiple services. Multiple domain names. All owned by Microsoft and part of the same ecosystem. This feels like an orchestrated attack. A Distributed Denial of Service (DDos) attack: sending so much information to endpoints that no other data can get through and the attacked servers may even crash.

I started my basic investigating and found the downdetector.com was reporting disruptions in all of the core cloud-based services required to run the Microsoft 365 ecosystem.

broken image

The conversation turned.

I began discussing my findings with my team and was quickly met with a link bringing me to Fortinet's Threat Map. This shows real time threats: origin, destination and vulnerability. Below, I've posted a short snippet of what we've been monitoring today.

What can be done.

Right now, we wait and remain vigilant. Be extremely wary of all e-mail. Double-check sender addresses on sensitive communication and verify over the phone any high-value transactions. Leave nothing to chance.

When services are returned to normal state. We continue to monitor.

After the dust settles, we discuss cloud backup solutions so that your cloud data can be stored locally in the event of a long-term outage.

If you have questions, comments or concerns, please reach out to us via approved NS.BC support contact methods.