The Microsoft Office 365 outage which occurred in early September is still causing a lot of debate in the IT industry today. In this article I will discuss the main causes of this incident and try to shed some light on why it happened.
We will start by discussing the initial attack which resulted in the outage. The attack was initiated by a group of hackers who were trying to steal some data. This data was then used by the hackers to gain access to the database server and gain unauthorized access to it. They were able to get access to this server because the Microsoft Office 365 service was not configured correctly. https://www.lgnetworksinc.com/microsoft-blames-botched-software-update-for-massive-office-365-and-teams-outage/
When this attack occurred the Microsoft Office 365 system did not contain any firewall which could have helped to stop them.
However, the Microsoft Exchange server had its own firewall, which was enabled and was functioning properly. At this point the attackers began using what is known as an XML attack. This attack is executed by sending out specially crafted XML emails to the target, which in turn causes the servers to scan through every file on the server for a particular parameter which can be used to trigger the opening of the firewalls.
In order to prevent this from happening the Microsoft Exchange Server had to be configured with a new firewall that was configured to block this type of attack. Unfortunately this firewall was configured incorrectly and did not block all of the attacks that were being sent by the attackers. This resulted in the servers being vulnerable to attack from different sources.
There are many other security weaknesses that have been identified in this area as well as many more that were not even mentioned in this article. These problems can also be found on the public beta version of Microsoft’s Outlook and can easily be fixed using software such as “FixMyPC”. There is no need to take on this problem on your own or waste a lot of time and money on software such as the Microsoft Security Essentials.
There is also the possibility of the attackers having used a virus which caused the entire server to crash. If you were to download this virus, you would be able to disable the anti-virus software on the server that would allow the attackers to gain access to it. Once this access has been obtained the attackers could then access information such as passwords, financial information and even emails of the employees of the company.
The most important reason that Microsoft is blaming the attackers is because they are taking advantage of a large number of users accessing the server at the same time.
By restricting the number of users that can log in at one time you will stop the attackers from being able to access this large database and therefore the ability to get hold of this large amount of data.
The company is also saying that this outage occurred because they are using a huge amount of hardware in order to power the network, which is very expensive. The reason for the massive amount of hardware is that they are using too many servers and too many databases which would make the network difficult to manage.
The fact that the company is blaming the attackers for what caused the massive Office 365 outage is actually an indication of why the company does not use a more reliable system. In order to make a large system more reliable and less prone to attack a more robust system would have to be used. Although it would be possible to use this system on its own this is not a suitable option for an organisation with hundreds of employees.
Microsoft will however be blaming the attackers for the problems that have occurred as a result of this attack as it will be their responsibility to fix any problems that might have resulted from the attack. Unfortunately this means that the customers of this company are going to suffer because they will no longer be able to use this program. or have to purchase a new software in order to make their network work again.
The fact that Microsoft is blaming the attackers for the problem rather than the users of this system is probably the most important thing that Microsoft has said since it was brought out in 2020. The fact that they are blaming the hackers for the problem and not the people who are using this system is the best possible reason that they can have for not fixing the problem in any meaningful way.