Hacktivist group Anonymous claimed to have launched a distributed denial-of-service (DDoS) against Japanese Microsoft domains, which took down global websites.
In a pastebin
statement, it said that the attack was launched a couple of days ago at “Japanese Microsoft (domain) websites and servers” and while they “did not go down as planned”, it did take “pretty much the entire Microsoft domains down”.
It said that this included sites such as: Hotmail.com; MSN.com; Live.com; Outlook.com; and Microsoft.com. It claimed the attack was in “response to Taiji…Operation KillingBay OR #OpKillingBay” and it said: “Although we are sorry for any inconvenience we caused you Microsoft…It’s the thought that counts right?” This relates to a planned campaign against the Japanese government over culling of dolphins.
Commenting, Sean Power, security operations manager for DOSarrest told IT Security Guru that it was hard to determine the legitimacy unless Microsoft says that this is what happened.
“However, they are describing a scenario that is possible. We have had SaaS vendors engage our service due to attacks against their customers websites that get amplified by poor coding practices and take down their CRM. And with the attention it is likely to get, someone will consider this an option,” he said.
“Collateral damage from a DDoS attack is very real – regardless if this is what happened or not. DDoS attack amplification is also very real, so is the concept of trying to legitimize traffic. This illustrates very well how attacks can be reflected from, or even amplified by trusted neighbours / partners. We will likely see more of these attacks as it becomes a viable solution to attack a company’s customers/partners in hopes of “legitimising” the attack traffic.”
A spokesperson for Microsoft was unavailable.