Is Microsoft's Office365 vulnerable?

Powered by SC Magazine
 

Comment: Microsoft still uncertain on root cause of outage.

A lack of detail on the root cause of Friday’s Microsoft Office365 outage has even the strongest advocates of cloud computing concerned the vendor isn’t up to the task of securing online services.

The outage, which Microsoft claims only to have impacted customers for around four hours, took out global Office365, Hotmail and SkyDrive services.

Microsoft has had four days to provide a post-incident report, but has only provided the briefest of statements to explain what went wrong.

“On Thursday, September 8th at approximately 8 p.m. PDT, Microsoft became aware of a Domain Name Service (DNS) problem causing service degradation for multiple cloud-based services.

A tool that helps balance network traffic was being updated, and for a currently unknown reason, the update did not work correctly. As a result, the configuration was corrupted, which caused service disruption.

Service restoration began at approximately 10:30 p.m. PDT, with full service restoration completed at approximately 11:30 p.m. PDT. We are continuing to review the incident.”

Microsoft's statement is nowhere as detailed as Amazon Web Services’ post-incident report when it suffered an outage in April.

Missing is information on why global services were affected – despite Microsoft’s promise of regional availability zones – and what steps it would take to ensure the incident is never repeated.

IT engineers discussing the outage with iTnews said it is perfectly feasible that Microsoft technicians did indeed break the load distribution system at a central location, from where the service is distributed globally.

But this doesn't explain why Microsoft's first response was to attribute the outage to a power failure in a post that was pulled within an hour.

 

Microsoft's post, before and after


In the vacuum of information around the outage, one hacking group has been in contact with SC Magazine Australia claiming responsibility for deleting Microsoft’s DNS records. The group is yet to provide the publication any concrete evidence (such as logs) of its involvement.

Microsoft MVP Wayne Small, owner of small business server resource SBSFAQ.com, said it was nonetheless of great concern that Microsoft’s own DNS (Domain Name Service) records – an essential element of its online services – could have been corrupted or deleted.

“DNS is the root of the internet – we rely on it to resolve domain names to IP addresses," Small said. "It is an intrinsic part of the design of DNS that it should still work if a single server goes down.

“It could be that, as Microsoft says, an update corrupted these DNS records. But it could just as well be some mischievous attacker deleting them.

"If somebody out there is able to kill DNS records, we better watch out. I would prefer to think Microsoft screwed up when updating their tool.”

Justin Warren, managing director at PivotNine said it was hard to be able to read into the outage without an intimate knowledge of Microsoft’s architecture.

“Perhaps Microsoft’s infrastructure is not as distributed as it should be,” he said.

But he does hold some doubts about why a hacking group would attack DNS when a DDoS attack on the service itself would be so much easier and equally effective.

Either way, the speculation could be remedied with a more detailed post-incident report.

“Why hasn’t Microsoft come clean?” Small asked.

“Microsoft’s explanation is nowhere near as detailed as what Google provided [for an hour-long Google Docs outage last week]. I’m a little concerned about that.

"Microsoft hasn’t given customers a clear understanding of just what plans are in place to make sure this doesn’t happen again.”

Copyright © iTnews.com.au . All rights reserved.


Is Microsoft's Office365 vulnerable?
 
 
 
Top Stories
NSW to build its own myGov
Service NSW digital profiles available by September.
 
Australia's leaders agree to end GST-free online goods
Gerry Harvey may finally get his way.
 
What to expect from Abbott's national cyber security strategy
Key policy architect reveals focus of new document.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Microsoft reveals Microsoft Send, a new enterprise chat app to rival Slack
Jul 27, 2015
Microsoft Send is MSN Messenger for grownups, and you could be using it at work very soon
Developers offered $500,000 grants to find HoloLens uses
Jul 8, 2015
Can augmented-reality end up in business?
Microsoft Tossup: The planning app for unorganised groups of friends
Jul 8, 2015
App allows friends to research venues, vote on plans and chat. And depending on how you run your ...
Windows 10 drops 29 July... but only for some
Jul 6, 2015
If you've reserved your copy of Windows 10 and are keenly awaiting its 29 July release, don't ...
Xerocon is heading to Melbourne!
Jul 1, 2015
We're not saying Xero is our FAVOURITE or anything, but Xero's 2015 Xerocon conference is being ...
Latest Comments
Polls
Should law enforcement be able to buy and use exploits?



   |   View results
Yes
  13%
 
No
  52%
 
Only in special circumstances
  17%
 
Yes, but with more transparency
  18%
TOTAL VOTES: 679

Vote